Slide 1 Security of Government Buildings Tabled 29 May 2019 This presentation provides an overview of the Victorian Auditor‐General’s report Security of Government Buildings .
Slide 2 Focus of this audit Department of Department of Department of Justice and Treasury and Health and Community Finance Human Services Safety (DJCS) —Shared Service Focus (DHHS) Provider (SSP) Is government office accommodation sufficiently Are governance arrangements effective? secure against unauthorised access and antisocial behaviour? Do security measures keep government accommodation sufficiently secure? 2 Our overall audit objective was to determine whether government office accommodation is sufficiently secure to prevent unauthorised access and antisocial behavior. Government office security is important for protecting the safety of staff and visitors as well as protecting information and assets within the building. We examined the Department of Treasury and Finance’s (DTF) Shared Services Provider (SSP). DTF is the responsible department for coordinating government office accommodation and managing the State Purchase Contract for security services. We selected the Department of Health and Human Services (DHHS) and the Department of Justice and Community Safety (DJCS) as two case study examples.
Slide 3 What we found Physical and protective security governance arrangements are not effective; there is no statewide leader A weak security culture undermines the effectiveness of security infrastructure and measures 3 Security threats are a real everyday risk to government agencies. We found that Victoria's current security governance arrangements are not effective as there is no statewide leader. Then, at the department level, weak security cultures undermine the effectiveness of the security infrastructure at the audited facilities.
Slide 4 Protective Security Protective Security Governance Information and Physical security Personnel security ICT security 4 Government agencies keep their people, information and assets secure through protective security. Physical security is one of three protective security domains, together with personnel and information security. Physical security is the first layer of defence to prevent unauthorised access to buildings and protect staff against occupational violence.
Slide 5 Physical Security Infrastructure Policies Procedures Policies Procedures Infrastructure Physical security Physical security 5 Physical security measures include policies (such as a clear desk policy), procedures (such as visitor and contractor sign in using personal identification), and infrastructure (such as barriers).
Slide 6 Leadership No statewide leadership No statewide security policy Inconsistent departmental practices 6 There is no statewide leader to provide strategic direction, oversight and coordination of protective or physical security. The SSP, as a service provider, is responsible for the security operations of its clients, and is not a policy lead for physical security. The state does not does not have a whole‐of‐government principle‐based security policy that includes all stages of security management. In the absence of statewide leadership, we found two different approaches to physical security at the department level. DJCS has made positive steps towards developing department‐wide policies and procedures for security management, but DHHS has not developed its security policies and procedures, exposing it to higher risks.
Slide 7 Ineffective governance arrangements Limited risk assessment and security Limited security awareness training planning Weak security culture Roles and responsibilities not clearly Incident reporting, monitoring and understood; limited strategic evaluation not mature or integrated communication 7 Overall, we found a weak security culture and ineffective governance arrangements because audited departments do not undertake regular, comprehensive risk assessments, which limits the effectiveness of subsequent security planning. We also found that roles and responsibilities for security management between the SSP and audited departments are not clear. Additionally, audited departments have not rolled out security awareness training, and there are no integrated systems for reporting or monitoring security incidents. SSP data for July to December 2018 shows that the most common recorded incident type relates to staff safety, while medical incidents are also common. Incidents relating to the physical security of office accommodation — such as unauthorised access, access control, suspicious activity or suspicious packages — were reported less frequently, but still occurred in this period.
Slide 8 Security services management Departments Not always a No whole‐of‐ engage security timely or risk government services based approach to approach for independent of security services alarm monitoring the SSP management or maintenance issues 8 The state has limited visibility and control over the management of security services. This is because the SSP has no oversight of security services that departments independently engage. We also found that the management of security services is limited in responding to security concerns in a timely and risk‐based manner. There is also no whole‐of‐government state purchase contract for security systems such as alarm monitoring and maintenance, which is a lost opportunity for cost efficiency.
Slide 9 Physical security testing Engaged a consultant to test security at selected DHHS and DJCS locations Gained access to all locations—staff did not understand their role in maintaining security or comply with processes Accessed master keys Accessed unsecured sensitive information Several moderate breaches 9 We tested physical security at selected DHHS and DJCS locations. While we observed some good behaviour, such as staff questioning and requesting identification, we also identified some significant security risks. We gained access to staff‐ only areas at all the sites and found sensitive information outside an office. This is because staff do not fully understand their role in maintaining physical security or comply with established processes. In addition to this, we observed several risks of a more moderate nature. For example, lax processes for visitor or contractor sign in and approval.
Slide 10 Recommendations 8 2 recommendations for DTF recommendations for DHHS and DJCS • Develop a statewide principle based physical • Promote a strong security culture and good security policy governance • Finalise accommodation guidelines • Implement and enforce clean desk and clear screen policies • Improve statewide security incident reporting • Improve strategic communication 2 recommendations for DHHS • Develop KPIs for security services management • Develop design standards for accommodation • Provide agencies with terms and conditions in planning and office refurbishments the accommodation leases and Security Services State Purchase Contract (SPC) • Develop a governance structure for security management, including clear accountability and • Explore options for a security monitoring and executive oversight maintenance SPC 10 We made eight recommendations to the Department of Treasury and Finance, related to: • establishing leadership and policy for physical security • improving physical security governance, including incident reporting and strategic communications • improving transparency of the terms and conditions of the Security Services SPC and accommodation leases. We made two recommendations to DJCS and DHHS about strengthening security governance and culture. We made two further recommendations to DHHS, to establish governance structures, executive oversight and office accommodation planning guidelines. The Department of Premier and Cabinet, although not an audited agency, agreed to collaborate on a statewide security policy.
Slide 11 For further information, please view the full report on our website: www.audit.vic.gov.au 11 For further information, please view the full report on our website: www.audit.vic.gov.au
Integrating Local and Remote Meeting Participants Kris Schulze , MNIT Experience IT Program Manager Jay Wyant , MNIT Chief Information Accessibility Officer Twitter: @kris_schulze @jay_wyant Meet demands for online meetings and broadcasts? How
943 views • 33 slides
Acquisition of student accommodation portfolio in the UK 23 December 2019 Singapore Press Holdings Limited Key highlights of acquisition 448 million 1 acquisition doubles SPHs student accommodation portfolio to S$1.4 billion Total
826 views • 10 slides
Boyd House (985 Duchess Avenue) Heritage Revitalization Agreement Bylaw & Heritage Designation Bylaw Public Hearing Presentation January 13, 2020 Erik Wilhelm, Senior Community Planner west vancouver ~ ~ ~ Subject Property ,ces
891 views • 9 slides
To Accommodate or Not To Accommodate? Americans with Disabilities Act Update Speakers Leiza Dolghih Tracy Graves Wolf Jonathan D. Plotkin Board Certified Board Certified VP, Senior Counsel Lewis Brisbois Lewis Brisbois Rexel USA, Inc. 2
679 views • 43 slides
University of Tasmanias management of student accommodation Report of the Auditor-General No.2 of 2019-20 Todays presentation Objective and scope of the audit Audit approach Auditor-Generals conclusion Major themes
696 views • 35 slides
March 2012 Company presentation 2 Disclaimer All statements in this presentation other than statements of historical fact are forward-looking statements, which are subject to a number of risks, uncertainties, and assumptions that are
434 views • 31 slides
Housing Forum 2018 Finding Private Sector Accommodation Finding Private Accommodation When, Where and How to find accommodation? Housemates who to live with Alternative options Viewings Upfront costs deposit and fees
1.01k views • 35 slides
FULL YEAR RESULTS TO 30 TH NOVEMBER 2015 PRESENTATION Agenda 1. Highlights 2. Financial Results 3. Operational Review 4. Outlook Comparative information: 1. During the period we were required to adopt IFRS 10 Consolidated Financial
949 views • 46 slides
ADA/FEHA NAVIGATING THE DUTY TO "REASONABLY ACCOMMODATE" & ENGAGE IN THE "INTERACTIVE PROCESS" Presented by: Roxana E. Verano, Esq. and Kristina Kourasis, Esq. Landegger Baron Law Group, ALC Employment Law 1
591 views • 25 slides
Defending Unlawful Detainers with Reasonable Accommodation Requests Ca ro lyn Go ld, E sq Justic e & Dive rsity Ce nte r E rin K a ta ya ma , E sq . Ho me le ss Advo c a c y Pro je c t Session Overview 1.An Ove r vie w of Re
1.05k views • 45 slides
Disability related academic accommodations Provosts 504 Memo Email sent through RIT Message Center before fall term; posted on Provosts site in Administrative Policies area: It is every faculty member's responsibility to
962 views • 13 slides
Reading: Monday, April 6, 2020 Math: Tuesday, April 7, 2020 The Stanford Achievement Test has been administered and implemented for over 80 years. This test now offers a state-of-the-art tenth edition. It measures student progression toward
301 views • 18 slides
Ticket to Work and Reasonable Accommodations Date: Wednesday, July 25, 2018 Time: 3 4:30 PM ET Produced at U.S. taxpayer expense. Accessing Todays Webinar (Slide 1 of 3) You can manage your audio using the audio option at the top of
697 views • 52 slides
Accommodations For Students With An IEP or 504 Plan & How To Help Your Child February 1 , 2018 Testing Window April 16 - May 25, 2018 Unit Timing- Grade 3 Unit Timing - Grades 4-5 Unit Timing - Grades 6-8 Unit Timing- Grades 9-11
844 views • 37 slides
Arlington Public Schools - CIP Process John Chadwick, Assistant Superintendent, Facilities and Operations Cooperation and coordination with Arlington County In 2012 APS switched from a 6 year to a 10 year CIP cycle, aligning with Countys
211 views • 19 slides
Rachel Schles NCDB 7/18/2018 Handout 1 Page 1 of 6 Raschles@gmail.com Why Use Portfolios / Rubric Based Projects and Project Based Learning? Activities are tailored to student needs (based on data collected in EA/ECC Screening Tools,
185 views • 6 slides
31.7.2018 TOPICS ABOUT PREMIKI GOOD EXAMPLES OF ACCESSIBLE ACCOMMODATION Social enterprise institute, employment center, travel agency for accessible GOOD EXAMPLES CITY OF LJUBLJANA tourism, travel agency for classical
406 views • 7 slides
LESSONS LEARNED FOR PRESENTATION TO SEAFARERS (FSI 20) 1 FATALITY Very serious casualty: fire in crew accommodation and death of an oiler What happened? On a 17,000 gt cement carrier, while in port, a fire broke out within the crew
768 views • 27 slides
Accommodation New Builds Upgrades Room-in-a-box Introduction New Builds Upgrades Room-in-a-box Contact The Aiken Group Aiken Group was founded in 1987 as a multi-disciplinary engineering services company specialising in
828 views • 26 slides
CRICOS No. 00025B Welcome to UQ Pre-departure briefing for international students Pre-departure Checklist Before you Arrive Before you Arrive Accept your offer Starting at UQ Apply for a student visa my.uq.edu.au/starting-at-uq
1.01k views • 49 slides
2020-2021 Reopening Plans July 15, 2020 High-performing A-rated District 1 High-performing A-rated District Roadmap to Reopening: SDPBC 2020-2021 School Year Creating a Path Data Forward Informed How do we Approach determine when a How
979 views • 52 slides
Disability Services and the College Credit Plus (CC+) Student College Credit Plus (CC+) Student and Parent Orientation What is Disability Services? Disability Services is the college office that approves accommodations for any student
884 views • 13 slides
MERLIN ENTERTAINMENTS 2018 INTERIM RESULTS PRESENTATION Anne-Franoise Nesmes, Chief Financial Officer MERLIN ENTERTAINMENTS PLC MERLIN ENTERTAINMENTS PLC Peppa Pig Land, Gardaland, Italy FORWARD-LOOKING STATEMENTS DISCLAIMER The
660 views • 39 slides
Supported Independent Living (SIL) What will NDIS fund to support participants to live independently? Capacity building supports Home modifications Support with personal care Domestic assistance Supported Disability
738 views • 21 slides