Corporate Support Functions

Internal audit

During 2012-13, the department’s internal audit function was co-sourced with the private sector and the Executive Director, Business Services filled the position of the DPC Head of Internal Audit. The function provides independent and objective assurance to the Director-General that the department is operating efficiently, effectively and economically. It assists the department in achieving its objectives by systematically evaluating and recommending improvements to the department’s risk management, internal control systems and governance processes.

The internal audit function operates independently of the activities it reviews, of management and authorised external auditors, and under an Internal Audit Charter consistent with relevant audit and ethical standards, approved by the Corporate Governance Group

The function operates in accordance with the Strategic and Internal Audit Plan approved by the Corporate Governance Group. The Plan is informed by agency strategic and operational risks set out in the business areas Risk Registers, in order to identify and focus on areas of significant operational and financial risk. Processes are also strengthened by the department’s Risk Management Framework.

Significant achievements of DPC’s internal audit function during the year include the successful implementation of a more cost-effective internal audit service delivery model by accessing the broader skill base of a private sector firm; the commencement of a process of renewal of the Audit and Risk Management Committee in order to increase the proportion of external members; and the completion of a full review and refresh of all internal audit and risk management documents and processes in line with better practice.

In the development of the department’s internal audit and risk management processes, due regard has been given to Queensland Treasury’s Audit Committee Guidelines.

Risk management

The department’s risk management process provides a systematic and consistent approach to managing risks. During 2012-13 the department’s risk management process was applied through the department’s revised Risk Management Framework.

Executive management participated in a strategic risk assessment workshop to identify risks that might impair the department’s ability to achieve objectives outlined in the department’s Strategic Plan.

From 2013-14, risk management processes will be integrated into the Department’s corporate governance framework through inclusion in strategic and business planning processes and business units will regularly review and update their risks.

Recordkeeping

The department continues its commitment to provide quality recordkeeping through the provision of policies, processes and systems to support decision-making and accountability.

In 2012-13, the following initiatives and activities were undertaken:

• conducted a comprehensive quality assurance program to ensure data integrity in the HP TRIM eDRMS and to address security and access issues identified in the audit of Information Standard 18: Information Security Compliance
• provided TRIM eDRMS services to the Office of the Governor
• provided assistance to Cabinet Services in the migration to a new secure business system based on TRIM eDRMS
• developed recordkeeping and TRIM awareness content for inclusion in the induction package for new departmental employees
• delivered updates to TRIM training packages, Quick Guides and user manuals for general and specific TRIM user groups
• implemented the department’s functional Retention and Disposal Schedule
• created and updated relevant policies and guidelines to ensure information management compliance with the provisions of the Public Records Act 2002, Information Standard 40: Recordkeeping, and Information Standard 31: Retention and Disposal of Public Records.

In 2013-14, a key priority will be a review of departmental processes to facilitate a ‘paper lite’ environment, including the development of a digitisation disposal policy.

Business systems

The department purchases transactional processing services from Queensland Shared Services and uses the whole of government SAP and Aurion systems for finance and human resource management respectively.

The department utilises TRIM for eDRMS. This system provides secure, effective and efficient management of correspondence, documents and records.

As the principal information system used to record historical and proposed Cabinet business of the Corporate support functions government, a new TRIM Cabinet Information System (TCIS) was implemented in 2012-13.This business system has enhanced information security and business functionality. Access to the system by departments is administered by Cabinet Services.

External scrutiny

In 2012-13, the following external reviews were conducted by the Queensland Auditor-General:

• a cross-sector review of the effectiveness of fraud controls identified opportunities in Queensland government agencies to target at-risk areas
• a review of the Drink Safe Precincts trial identified opportunities to improve planning, implementation and evaluation of projects, programs and trials.