Follow-up audit of awareness of privacy obligations
On Tuesday, 23 March 2021,the Speaker of the Queensland Legislative Assembly tabled our report in Parliament detailing the progress three government agencies have made in implementing the recommendations of our 2018-19 audit. Our audits have helped agencies entrusted with personal information improve their practices to minimise the risk of harm to the community.
Over the last two years, the audited agencies have implemented all 12 recommendations. This means the strategy of training and educating staff to mitigate information privacy and information security risks is more effective.
The three agencies now mandate periodic refresher training and have set up systems and processes to monitor and report on completed training. They have also updated their training material to better reflect policies and procedures and include practical scenarios.
All Queensland government agencies should assess their progress against the four recommendations to all agencies we made in 2018-19 to reduce the privacy risks, including human error and evolving information security challenges.