The Commission recommends:

  • that public authorities ensure confidential material used for an audit by the OAG remains confidential at the conclusion of the audit.
  • public authorities consider their policies with respect to securing confidential information and ensure that regular internal checks are conducted to identify and deter unauthorised accesses and disclosures.
  • public authorities consider whether there are gaps in the security of confidential information and, if so, engage in training and education initiatives to raise awareness around identification, detection, prevention and reporting information misuse.