Annual Reports Contents >> DVA Annual Report >> Internal and External Scrutiny >> Internal Scrutiny

Back to section menu

Previous | Next

Internal Scrutiny

Corporate Services Review

In November 1999, the Government issued guidelines for the market testing of corporate support activities for those Departments and agencies subject to the Financial Management and Accountability Act 1997.

The mail and file management services activity was one area identified as a priority for review. A probity plan was developed and a probity adviser engaged to oversee the market testing activity and ensure the fairness, integrity and lawfulness of the process. This included the public request for tender process which sought submissions from potential suppliers of mail and file management services to DVA. The tender process failed to find a tenderer who offered a financially attractive solution and the Department has now established the Records and Mail Management Project to progress the Department’s objective of achieving in-house best practice in mail and file management (see RAMMP, page 124).

During 2001–02, the Department also commenced a review of its financial services, including:

• accounts management;
• Financial Management Information System services;
• procurement services;
• asset management; and
• specialist/ad hoc services.

As part of the DVA/Defence Links Project, the Department of Defence was given the opportunity to tender for the provision of accounts payable services. A Defence bid was accepted to provide services through Queensland Clerical Solutions. Other accounts management activities were excluded from that process on the basis that they do not provide sufficient critical mass to be market tested.

Agency banking and cash management

Following a review of purchase card and transactional banking services, DVA approached the market in a consortium with the Department of Defence and the former Department of Health and Aged Care. A contract was signed with the National Australia Bank on 31 August 2001.

Internal auditing arrangements

DVA carries out a range of internal assurance and review activities, managed by the Strategic Review Services (SRS) team based within the Strategic Support Branch. This includes internal audits, IT audits and advice on internal controls to program areas as required. SRS works closely with other groups within the Strategic Support Branch on corporate governance, risk management, fraud control and related matters.

DVA operates its strategic review services as a partnership with the contracted private sector firm Ernst & Young. This combination of in-house knowledge and external expertise enables DVA to deliver a comprehensive range of audit and assurance services as well as providing broad, flexible coverage of DVA’s operations.

SRS reports to the National Audit and Fraud Committee on a quarterly basis and works closely with DVA’s State Audit and Fraud Committees (SAFCOM) or similar bodies. DVA also maintains a constructive working relationship with the Australian National Audit Office.

National reviews

DVA’s strategic review work program (including IT audits) is approved by NAFCOM. In 2001–02, the key national reviews completed included:

• DVA’s Freedom of Information (FOI) arrangements, which found moderate levels of non-compliance with some of the requirements in the FOI Act 1982 and identified opportunities for DVA to improve the efficiency of its processes. To address the issues raised in the review the Department has developed a comprehensive FOI Manual, scheduled additional training sessions for relevant staff and is currently investigating the feasibility of introducing a single FOI database;
• The Defence Service Homes Insurance Scheme (DSHIS), which found that while the scheme has a range of management systems and controls in place, some of these controls (e.g. bank reconciliations) were not operating regularly and effectively. The review also found that while the IT control environment provided adequate safeguards over the accuracy and integrity of data, some concerns existed over the adequacy of access controls, audit trail functionality and reporting and IT change control management. The DSHIS management team is implementing a number of strategies and controls to increase efficiency and effectiveness of the scheme, including: performance monitoring, claims processing, costing, and payment monitoring, fraud control and risk mitigation;
• Contract management, which found deficiencies relating to inadequate documentation, incomplete information on DVA’s Contracts and Indemnities Register Online (CaIRO), inadequate monitoring of contractor performance and insufficient training and support for contract management personnel. The SRS team is working closely with the Contract Advisory Unit and other internal stakeholders to improve the management of contracts. This includes issuing Better Practice Guides, developing a quality assurance process and providing training sessions for relevant staff;
• Payments made through the DOLARS financial management system, which found a number of procedural and administrative shortcomings, such as a lack of documentation of local procedures in some of the State offices, inadequate monitoring of the use of purchase orders and independent validation of the accuracy of the quality assurance process. A number of initiatives have been introduced by the Department to assist in the development and dissemination of procedural guidance, and to help monitor compliance with existing requirements;
• DVA’s contractual arrangements with VAN service delivery agents, which found that the State offices are effectively managing DVA’s contracts with Centrelink. The review also found broad satisfaction among ex-service organisations and members of the veteran community with the services being provided through Centrelink sites;
• IT infrastructure capacity management, which found that under the contractual arrangements with IBM GSA, DVA did not have sufficient information available or the appropriate technical tools to enable it to adequately monitor infrastructure performance. There was general agreement with the audit findings and recommendations. The issues raised are being included in the contract renegotiation process;
• IT strategic planning, which found that while an industry-accepted approach had been used for the development and maintenance of the DVA IT Strategic Plan, there was some room for improvement in the linkages with business planning areas. There was broad agreement with the issues raised. The departmental strategic planning framework has been strengthened accordingly;
• A post-implementation review of the Integrated Payment System, which found that it had been implemented in accordance with the stated business requirements and was adequately fulfilling its role as a flexible payment system. The internal control environment was stable and together with the controls outlined in the revised Statement of Approved System Controls (June 2001), provided adequate control over the payment process. Minor areas requiring attention were highlighted. There was agreement with the issues raised and appropriate action has been implemented;
• Quality Management Systems (QMS) implemented in the Information Management Unit (IMU), which found that QMS implementation and ISO 9001 accreditation have added value to the IT process in the IMU. Some areas requiring attention were highlighted. The Department has since implemented suitable remedial action thereby strengthening the framework supporting QMS;
• The development and maintenance of computer application system security plans, which found that the control environment for the development, approval and subsequent maintenance of security plans provided sufficient safeguards over the integrity of the process. Areas requiring attention were highlighted. There was general agreement with the issues raised. The Department has taken the necessary steps to implement appropriate remedial action. This has strengthened the administrative framework supporting the security plan development and maintenance process in the organisation; and
• A post-implementation review of the Veterans’ Home Care computer system, which found that the project achieved its primary objective of implementing web-based technology, which allowed certain contracted agencies to assess veterans’ needs, approve services, generate care and service plans and claim for payment on-line. Some areas requiring attention were highlighted. There was general agreement with the findings and recommendations. The Department has implemented suitable remedial action and these improvements have been reflected in subsequent releases of this system.

State-based reviews

In addition to the national reviews, each State office conducts a program of local reviews. These reviews typically address State-specific operational issues, with reports provided to State office management, and where relevant, to other interested stakeholders. Some of the reviews completed during the year were:

• a combined review of employee travel, attendance and leave recording and use of the Australian Government Credit Card in the NSW State office. The review found that the management controls over these activities are generally adequate and effective. However, the review identified several areas where the control environment could be improved;
• the Repatriation Transport Scheme in the NSW State Office, which identified a number of issues that needed to be addressed at a National or State level, including quality assurance and monitoring, approval and verification of travel and reconciliation procedures;
• the use of Commonwealth motor vehicles in the Western Australia State Office, which identified aspects of non-compliance (or inadequate compliance) with DVA’s Chief Executive Instruction on the Use of Commonwealth Motor Vehicles;
• the contract management of private hospitals in the South Australia State Office, which found that hospital contracts were being managed and monitored appropriately. However, the review also identified a number of opportunities for DVA to enhance its management and monitoring processes;
• the Debt Management Unit in the Victoria State Office, which noted that a comprehensive policy and procedure manual was available to staff involved in assessing and recovering debt and recommended:
  • implementing a formal quality review of detailed aged debtor reporting;
  • establishing performance targets on debt collection;
  • the recording of collection action in DMIS; and
  • using Veterans’ Information Enquiry Window (VIEW) to record review dates;
• grant administration in the Tasmania State Office, which found that grant administration is being managed satisfactorily. However, a number of areas that should be addressed by management were identified and the report made nine recommendations for improving the current procedures for managing grants.

Reviews in progress

At the end of 2001–02, reviews in progress included:

• a national review of the financial management;
• a review of MCRS payment systems;
• a national review of contract management of private hospitals; and
• a national review of Quality Assurance in Income Support and Compensation.

Recommendations follow-up

All recommendations arising from internal and relevant ANAO reviews are recorded and subjected to a regular follow-up regime to ensure implementation. This includes comments being sought regularly from appropriate business managers in relation to what action is being taken, or has been taken, in response to the various recommendations. These comments are incorporated into a report for the next available NAFCOM meeting.

Once NAFCOM is satisfied that appropriate management action is in progress in relation to various recommendations, then there is no further need to report to NAFCOM on their status, although the SRS team continues to monitor implementation until action is complete. Should progress on implementation stall to the extent that the SRS team has concerns, then the issues are brought back to the committee for its attention.

Risk management

As part of the development of its national and state work programs for 2002–03, SRS updated DVA’s residual risk profile, identifying key risks that need to be actively managed by DVA through the development of cost-effective treatment plans to reduce all residual risks rated as ‘high’ or ‘significant’. As well, the risk data collected during this process was used to construct an inventory of all high and significant inherent risks which were utilised by SRS to develop its work programs for 2002–03 and to be used by line areas in on-going business planning and risk management.

During the year, SRS conducted specific risk assessments for high-profile projects such as the pricing review for private hospital contracts in South Australia. Contributions also were made towards the implementation of DVA’s Risk Management Plan and the integration of risk management into business planning.

Information technology audit

During 2001–02, the IT audit team participated in a number of systems development activities including:

• provision of advice and assistance to business areas with regard to Financial Management Act certification of computer application systems; and
• review of a number of information technology systems under development such as RAPTOR, HOTSPUR, IDMS and SOCS.

In addition, the team provided advice and assistance concerning technical audit related matters to various areas of DVA.

Fraud control

The National Fraud Control Unit (NFCU) provides advice and services in regards to fraud investigations and other fraud control activities. The unit trains staff in fraud prevention, detection and investigation techniques. A number of presentations on Fraud Awareness and Ethics were also delivered to departmental staff, members of the ex-service community and providers.

In May 2002, the Minister for Justice and Customs issued revised Commonwealth Fraud Control Guidelines. These introduced new reporting requirements and minimum levels of qualifications for staff whose duties predominantly involve investigations or fraud control activities.

The NFCU conducted investigations on a range of suspected frauds by veterans, providers, staff and others. 2001–02 saw an increase in the unit’s caseload, resulting in part from the unit now investigating all suspected frauds arising from the Department’s data matching program.

The Strategic Support Branch provided secretariat services to NAFCOM and reported to the committee on the implementation of the DVA Fraud Control Plan 2001–03.

A review of the unit was completed in June 2001 by the Centre for Investigative Studies and Crime Reduction, Charles Sturt University. The centre made 13 recommendations to improve the functionality and operation of the unit.

These recommendations were progressively implemented during 2001–02, with three outstanding as at 30 June 2002.

Nineteen prosecutions were successful in the courts, with offences covering such matters as failure to declare assessable income, veteran travel fraud and false claims for payment by providers or staff.

Details of all incidents and actions are recorded in the Fraud Control Management Information System.

During 2001–02, the ANAO commenced an audit of DVA’s fraud control arrangements.

Table 83: fraud control detection and prosecution activities

During the year approximately $890 000 was recovered as a result of investigations into suspected frauds.

Back to section menu

Previous | Next

Top of Page