QAO Audit Update

Challenges for the changing public sector

28 November 2013
80 George St, Brisbane

Agenda
QAO Update
Anthony Close, Deputy Auditor-General

Accountability in a changing public sector

Michael Keane, Director Central Agencies

Delivering services efficiently

Mayus Nath, Director IS Risk and Data Analytics
Andrew Spina, Deputy Director-General DSITIA

QAO Update

Anthony Close
Deputy Auditor-General

Overview

Our Public value

QAO key audit products and services

Strategic Audit Plan

Our Public Value

Sector
Stakeholder
Management

Audit
Products

Clients

Corporate

Community

Industry

Government

Professional

Advice to Parliament

Reports to Parliament

Public Sector Audit

Committee Advice

Performance Audits

Financial Audits

MP Advice

Results of Financial Audits

Certifications

Referrals

Strategic Audit Plan

Controls Assurance

Specialist
Services

Data Analytics

IS Risk

Treasury

Tax

Corporate
Services

Audit Support

Information
Technology

Finance

Human
Resources

Strategic Audit Plan

Strategic Audit Plan

Transport,
Housing and
Local
Government
18%

#N/A
6%

Agriculture,
Resources and
Environment
22%

26% response
rate to our
requests

State
Development,
Infrastructure
and Industry
12%

Education and
Innovation
10%
Legal Affairs
and
Community
Safety
9%

Health and
Community
Services
16%

Finance and
Administration
7%

Strategic Audit Plan

Strategic Audit Plan

Strategic Audit Plan

Nov

Topic consultation

Dec
Jan

Assess topics and finalise draft Plan

Feb
Mar
Apr

Consultation on draft Plan

May
Jun

Plan published

For More Information

www.qao.qld.gov.au
Audits in Progress
Completed Reports

Accountability in a changing
public sector
Report to Parliament 6: 2013-14
Internal control systems
Michael Keane
Director Central Agencies

Internal Controls 2012-13 (Report 6: 2013-14)

CFO certification
Internal audit
Audit committees
Corporate cards

Internal Controls Framework

CFO Certification Audit findings

Most departments had robust CFO certification
processes
Improvements in the following areas:
Design of the process top down risk assessment
Consulting earlier with the Director-General
Clearly aligning significant financial reporting risks
with relevant account balances and key internal
controls being assessed

DSITIA

Internal audit resourcing against benchmarks

200%

Potential over
resourcing of IA

175%

0%

DoH

DTMR
QPS

Departments

Within
benchmark

DHPW

DCS

DNRM

DLG

DEWS

DATSIMA

50%

25%

DETE

DCCSDS

DJAG
DAFF

DNPRSR

DSDIP

DEHP

DPC

100%

75%

QTT

125%

DTESB

IA Resourcing against benchmarks

150%

Potential under
resourcing of IA

IA Recommendation status
80

No. of audit recommendations

70
60
50
40
30
20
10

0
Not yet due

0 - 90 days

Rated as high risk or priority 1

91 - 180 days

181 - 365 days

Over 365 days

Rated as medium risk or priority 2

Audit Committee - external membership

10
9

No. of audit committee members

8
7
6

5
4
3
2
1
0

Departments

External members

Internal members

Card expenditure against supplies and services

Corporate card expenditure as percentage of
supplies and servcies

40%
35%

34%

30%
25%
20%

18%
16%

15%
10%
5%

12% 12%

11%
8%

7% 6%
5% 5%

4% 3% 3% 3%
3% 2% 2%

0%

Departments

0.4%0.2%

Processing costs for Shared Services

1,600,000
142,622

1,200,000
1,000,000

Projected
Savings of
$10.6m

609,297

800,000
1,286,393

600,000
400,000

$16

142,622
-

$14
$12
$10

$8
$6
$4

677,096

200,000

$2

$Current state

Projected state

Purchase-to-pay transactions more than or equal to $5 000

Purchase-to-pay transactions less than $5 000
Corporate card transactions

Processing cost (Millions )

Number of transactions

1,400,000

$18

Delivering services efficiently

Report to Parliament 8: 2012-13
Online Service Delivery

Mayus Nath
Director IS Risk and Data Analytics

Introduction
Strong and growing demand for online public
sector services
Expectation on public sector to offer same speed
and responsiveness as private sector
Efficient and cost effective service delivery
Channel management for optimal mix with the
customer in mind

Audit objectives
Are public sector online services available and
accessible?
Does the public sector have technology
capability and is the information collected
through online services secure?
Are online services cost-effective?

Agencies examined
1. Brisbane City Council (BCC)
2. Smart Service Queensland (SSQ), Department of
Science, Information Technology, Innovation and the Arts
(DSITIA)
3. Department of Transport and Main Roads
4. Department of Tourism, Major Events, Small Business
and the Commonwealth Games
5. Office of State Revenue, Queensland Treasury and Trade
All other departments were surveyed to determine the
current level of services each offered online.

Conclusions
Not meeting increasing customer expectations of
more online service options.
Lack of strategic leadership, central coordination
and failure to update technology.
Credit card holder data collected complies with security
standards, but less assurance that other personal
information collected is well protected.

Most agencies do not record and manage the

cost of delivering services through specific
channels.

Findings
Status of online service delivery was well short
of expectations
Service delivery strategies across the public
sector not coordinated and aligned
Technology capability not sufficient to support
growth of the online channel
Security of non-financial personal information
not robust in two of the four departments audited
Cost data not used to inform channel strategies

Recommendations
Service delivery options
1. DSITIA ensures the central channel strategy includes:
aligning current service delivery options with customer needs,
service characteristics and central priorities
increasing the number of services available online and moving
customers to the preferred channels
a benefits realisation plan and migration plan for each
department
performance indicators to measure the success of the online
channel for satisfying customer needs.

2. Each department develops and implements a channel

strategy consistent with the central strategy.

Recommendations
Technology capability and security of online services
3. All departments document the security design and use
this to identify and mitigate security risks of online
services.
4. All departments and BCC identify cost-effective
technology solutions to expand their online channel and
use authentication services for complex online services.

Recommendations
Cost-effectiveness of online services
5. All departments and BCC collect and use data on cost
and demand to optimise the mix of channels used for
services.
6. DSITIA reviews SSQs business model and costs to
ensure the benefits of using a service provider for
departments are realised.

Further information
For copies of Report 8: 2012-13 Online Service Delivery
please refer to: www.qao.qld.gov.au/report-8-:-2012-13

Delivering services efficiently

Themes from the
Auditor-Generals Report 8: 2012-13

Online Service Delivery

Andrew Spina, Deputy Director-General, Government ICT Division, DSITIA

QAO Client Session 28 Nov 2013

Session Topic
How the Governments One-Stop
Shop program is addressing
some of the key themes in the
AG's Report 8 : 2012-13 Online
service delivery, and how the
agenda of delivering services
efficiently is being progressed.

Overview: Governments One-Stop Shop

The Queensland Government One-Stop Shop Plan 2013-18 provides the direction and future
roadmap for the Queensland Governments service delivery approach. DSITIA is responsible
for its delivery. The Plan is supported by a program of activities to be rolled-out over the next
5+ years which will deliver visible customer improvements alongside efficiency and whole of
government capability building pieces.

One-Stop Shop

Government have committed to focusing on online services through the One-Stop Shop program.

We know that over 90 per cent of enquiries to Queensland Government are basic information
enquiries or simple transactions that customers want to deal with online or at the first point of
contact. Through the One-Stop Shop plan we will make this happen.

At present there are multiple service delivery access points with inconsistent information 146
department websites, hundreds of telephone numbers and 16 contact centres and over 300
counters. Through the One-Stop Shop plan we will address this. For the first time we have a full
list of services across government and how they are being delivered and we will use this to
baseline our success.

We know that 42 per cent of people would prefer to access services online, but there are low
levels of information (40 per cent) and transactions (28 per cent) available online. We are going to
work with you to ramp up online access as a priority.

Our immediate focus

In the next year, our focus is on the availability of online services, while delivering improvements in phone services and
piloting regional service outlets.

One-Stop Shop Governance

The One-Stop Shop Cabinet Submission
outlined the governance structure,
proposed membership and
responsibilities to support the DirectorGeneral (DSITIA), as the accountable
officer, in implementation of the program,
including:

One-Stop Shop CEO Sponsoring

Group
Program Board (with multi agency
participation)
Online service delivery sub committee
& other Workstream/Initiative Boards
Senior Responsible Officers in each
agency.

DG, DSITIA (Accountable Officer)

Sponsoring Group
CEO Sponsoring Group

Executive Sponsors (DSITIA & DPC)

One-Stop Shop Program Board

Program Board - DDG level

Program Director

Agency Senior Responsible Officers

Service Delivery Network

Project Managers

One-Stop Shop Projects

Project Boards

How One-Stop Shop is addressing the

Auditor-General Report recommendations?

Recommendation 1:
Development of a Central Channel Strategy.
A key feature of the One-Stop Shop Plan is a centre-led policy framework
which will provide a set of guidelines, standards and assessment
methodology to ensure a seamless customer experience.
It will cover: channel strategy at whole-of-government and agency levels;
benefits management and realisation; agency service and channel migration
roadmaps; contestable service delivery models; collaboration and sharing of
tools and capabilities; and customer-centric design and continuous
improvement.
All agencies will be responsible for ensuring their services are optimised and
co-ordinated in line with the One-Stop Shop policy framework and that
progress is delivered against the service and channel migration roadmap and
benefits are reported via a One-Stop Shop online dashboard.

Recommendation 1 (ii):
Increasing the number of services available online
and moving customers to the preferred channels
for each service.
The One-Stop Shop seeks to deepen the service content available online
through www.qld.gov.au, and to ensure that information is available to answer
basic enquiries for all services by June 2014. Already agencies are moving
an increasing number of services online. Eg. The Business and Industry
Portal added an additional 153 business and industry services last financial
year and is continuing to grow.
The One-Stop Shop is also seeking to add 200 new online transactions within
its first two years of implementation and includes an active campaign to
increase online customer migration and uptake.
The One-Stop Shop Plan also includes piloting new channels such as social
media, mobile apps and click to chat.

Recommendation 2:
Each department develops and implements a channel
strategy consistent with the central strategy.
Some government departments have already developed their own individual
channel strategies and will need to review these to ensure alignment with the
central channel strategy.
DSITIA is working with most agencies to support service mapping and
channel migration roadmaps.
Each agency will be required to have an agreed service and channel
migration roadmap in place by December 2013 to identify and prioritise future
service provision (with particular emphasis on online service opportunities)
which will inform an agency-specific channel strategy.

Recommendation 3:
It is recommended that all departments document the
security design and use this to identify and mitigate security
risks of online services.
Implementation of this recommendation is undertaken by individual
departments.
DSITIA commissioned an external security expert to audit the current
security design and practices for www.qld.gov.au and developed an
online security plan and implementation schedule for services.

Recommendation 4:
All departments identify cost-effective technology
solutions to expand their online channel and use
authentication services for complex online services.
The One-Stop Shop plan includes a schedule of proposed cost-effective
technology solutions to drive online service delivery over the next three to five
years for all agencies to use.
The One-Stop Shop Plan includes establishment of new whole-of-government
capabilities for customer authentication which will enable customers to apply
for services (ie licences) etc without having to repeatedly provide proof of
name and address. Once customers have registered they can use their
government account across all channels/services.

Recommendation 5:
All departments collect and use data on cost and
demand to optimise the mix of channels used for
services.
The One-Stop Shop Policy Framework will include channel migration planning
and will be supported by a benefits management and realisation framework.
There will be a strong focus on sourcing and using data on costs and
demand.

Recommendation 6:
Smart Service Queensland's business model and costs
are reviewed to ensure the benefits of using a service
provider for departments are realised.
Smart Service Queenslands business model will be considered in the context
of the governments One-Stop Shop Policy Framework and the governments
contestable service delivery framework.

Agency Collaboration
Each agency has nominated a Champion to work with DSITIA to
deliver the One-Stop Shop program.
All agencies are encouraged to discuss any service issues and
service expansion requirements with us.
CFOs and CIOs are encouraged to spend time with their agency
champion and the One-Stop Shop office to get an understanding of
this new service delivery opportunity.

Contact:
Fiona Armstrong
Executive Director, One Stop Shop Strategy and Implementation Office
Fiona.armstrong@dsitia.qld.gov.au