Digital Information Security Annual Attestation Statement for the 2017–18 Financial Year for the Audit Office of New South Wales
I, Margaret Crawford, am of the opinion that the Audit Office of New South Wales had an Information Security Management System in place during the 2017-2018 financial year that is consistent with the Core Requirements set out in the NSW Government Digital Information Security Policy.
The controls in place to mitigate identified risks to the digital information and digital information systems of the Audit Office of New South Wales are adequate.
There is no agency under the control of the Audit Office of New South Wales which is required to develop an independent ISMS in accordance with the NSW Government Digital Information Security Policy.
The Audit Office of New South Wales has maintained certified compliance with ISO 27001 Information technology – Security techniques – Information security management systems – Requirements by an Accredited Third Party during the 2017- 2018 financial year.
5 July 2018