Despite a string of reports warning of the need for local government to improve cyber security, the latest performance audit indicates that councils are still exposing themselves to malicious activity by failing to manage risks.
The NSW auditor general looked at how effectively three councils – City of Parramatta, Singleton and Warrumbungle Shire – were managing cyber security risks.
While the focus was on those three councils, auditor Margaret Crawford said her findings and recommendations were likely to be relevant to most local councils across NSW.
The audit also called out the Office of Local Government Cyber Security NSW for failing to provide sufficient guidance and support for the local government sector.
The report said each of the selected councils took measures to improve their cyber security during the audit period, but the audit still found significant gaps in cyber security risk management and cyber security processes.
“The three councils are not effectively identifying and managing cyber security risks,” the report says.
“As a result, councils’ information and systems…
