Media release: Follow-up audit report – Ipswich City Council
Queensland’s Office of the Information Commissioner’s follow-up audit report of Ipswich City Council was tabled in Parliament today (17 June 2020).
This report presents our findings on the council’s progress in implementing the 12 recommendations of our 2017-18 audit of compliance with the Right to Information Act 2009 (Qld) and the Information Privacy Act 2009 (Qld).
The Information Commissioner Rachael Rangihaeata said, “Ipswich City Council has made progress in implementing all the recommendations of our original compliance audit. However, there is more work to do to improve the council’s information governance and management, and its systems to process access and amendment applications.”
The council shared more information with the community through its website, including its open data portal. Making the maximum amount of significant, appropriate and accurate information available to the public through council’s publication scheme and website is a critical element of an agency’s openness and transparency.
“Our report highlights key right to information and privacy practices all councils and Queensland government agencies must have in place to be support legislatively compliant processes and meet community expectations. ICC must continue its efforts to fully implement all recommendations to enhance its openness, transparency and accountability to build trust.”
We assessed eight recommendations as fully or partially implemented and three recommendation as in progress, based on the work the council has done since our original audit. Most notably, the council:
- transformed its website and increased proactive disclosure of information online, thus improving its accountability and transparency
- is raising awareness and educating its employees about their general right to information and information privacy obligations; however, it needs to tailor this training specific to the needs of the council
- has strengthened its operation and management of its surveillance cameras and portable audio-visual devices
- has conducted privacy impact assessments of its different camera networks.
There is more work to do to improve the council’s information governance and management. The council has a draft Information and Knowledge Management Strategy and Governance Framework. Overall, the framework is consistent with the aims and objectives of the Right to Information Act 2009 and the Information Privacy Act 2009.
The council has not yet classified its information assets to ensure it publishes the maximum amount of significant, appropriate and accurate information. However, it has developed an information asset model as part of the foundation work to begin classifying the information assets and finalising an information asset register.
The council still has more to do to ensure that the template notices, manual and work instructions support legislatively compliant application handling.
Steve Haigh, Manager Training and Stakeholder Relations