In his latest report, state auditor general Colin Murphy has looked into the licensing of security workers and the disposal of government computer hardware.
In his latest report, state auditor general Colin Murphy has looked into the licensing of security workers and the disposal of government computer hardware.
Below is the full release:
There are more that 15,000 people in Western Australia who are licensed to provide security services. The public relies on these people to secure their safety and their property.
In a report tabled in parliament today the Auditor General Mr Colin Murphy said that whilst he found no indication that agencies allowed people who had not met the required character and competency standards to enter the security industry there was still room for improvement in some areas.
The study examined how the Western Australian Police, Department of Corrective Services, Department of the Attorney General, the Public Transport Authority and the Gaming and Wagering Commission assessed the suitability of personnel and monitored compliance.
Mr Murphy found that agencies were generally obtaining all the information required by legislation and their own internal policies to assess the suitability of applicants and then used the information to properly assess individual applicants. However, some opportunities for improvement were noted. In particular by the Western Australian Police (WAP) who were not collecting or rigorously assessing all information about security agent businesses.
Mr Murphy also found that WAP did not always follow up incident reports, monitor compliance or have adequate internal controls to ensure licensing decisions were consistent and appropriate.
The Western Australian Police have acknowledged the Auditor General's findings and have advised that they are in the process of implementing his recommendations. In addressing these issues they have established a Licensing Enforcement Division to provide consistent management to WAP's regulated industry enforcement and compliance obligations and to monitor potential emerging risks in this area.
Whilst screening processes in all other agencies were adequate Mr Murphy noted that the Department of Corrective Services did not use all of the information at hand to conduct their checks. He has recommended that they tighten up on their referee and criminal history checks especially when public prison officers are redeployed, transferred or promoted.
Every day the Western Australian Public Sector processes large amounts of information - much of it highly sensitive and confidential. A large portion of this information is created and stored on computer hard drives. When government agencies upgrade their computers the old computers are disposed of in a number of ways including sale at public auctions, donation to schools and charities or physical destruction. It is critical that any sensitive information is removed from the hard drives prior to disposal.
In a recent examination of how effectively agencies were removing data prior to disposing of old computers the Auditor General Colin Murphy found that 4 out of 10 ex-government computers purchased at auction contained recoverable data. This data included information about public sector employees such as salary and superannuation information, home addresses and date of birth; detailed technical information about agencies IT systems and documentation about their internal software development projects.
In his report tabled in parliament today Mr Murphy said that none of the seven sampled agencies had comprehensive policies and procedures for secure removal of data from computer equipment prior to disposal. He went on to state that while all agencies did have a process in place it was inadequate or was not consistently applied.
He also found that government guidance on appropriate methods of removing data from computers prior to disposal was limited. He said: "this has contributed to some agencies using methods that did not provide adequate security while others arguably exceed reasonable requirements".
As a result of the Auditor General's examination the State Records Office in consultation with the Office of e-Government has updated guidelines to assist government agencies with implementation of best practices when disposing of hard drives and other electronic media.
