Digital Information Security Annual Attestation Statement for the 2016–17 Financial Year for the Audit Office of New South Wales
I, Margaret Crawford, am of the opinion that the Audit Office of New South Wales had an Information Security Management System in place during the 2016–2017 financial year that is consistent with the Core Requirements set out in the NSW Government Digital Information Security Policy.
The controls in place to mitigate identified risks to the digital information and digital information systems of the Audit Office of New South Wales are adequate.
There is no agency under the control of the Audit Office of New South Wales which is required to develop an independent ISMS in accordance with the NSW Government Digital Information Security Policy.
The Audit Office of New South Wales has maintained certified compliance with ISO 27001 Information technology – Security techniques – Information security management systems – Requirements by an Accredited Third Party during the 2016–2017 financial year.