CONTINUEThis site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.


Close

Password Reminder

Please enter your email address to receive a password reminder.

 

Log into Tax-News+
Not registered yet? Find out about our daily news alert service »

Email Address: 
Password: 

Login »

Forgotten your password?


Today’s Top Headlines




ATO Told To Strengthen Cyber Security Safeguards

by Mary Swire, Tax-News.com, Hong Kong

15 March 2017

The Australian National Audit Office (ANAO) has said that the tax office must improve its cybersecurity arrangements.

The objective of the ANAO's cybersecurity audit was to assess whether the Australian Taxation Office (ATO), the Department of Human Services, and the Department of Immigration and Border Protection have implemented four key strategies to minimize risk: application whitelisting; application patching; operating system patching; and minimizing privileged user access.

The ANAO said that the ATO has security controls that provide a reasonable level of protection from breaches and unauthorized disclosures of information from internal sources. However, it also concluded that there is insufficient protection against cyber attacks from external sources. To achieve "cyber resilience" status, the ATO would need to improve its governance arrangements and prioritize cybersecurity, it said.

The ANAO recommended that the organizations concerned periodically assess their cybersecurity activities to provide assurance that they are accurately aligned with the outcomes of the Government's mitigation strategies, and their own IT security objectives. It added that the organizations should improve their governance arrangements by: making cybersecurity a priority; ensuring appropriate executive oversight of cybersecurity; implementing a collective approach to cybersecurity risk management; and conducting regular reviews and assessments of their governance arrangements.

The ATO agreed with both recommendations. It said: "We consider and manage risks associated with new technology to protect the integrity of the tax and superannuation systems and work across government to strengthen the security of digital services."

"The ATO has committed additional resource and focus to address deficiencies and reach a greater level of cyber resilience. Immediate improvements have already been put in place with a commitment to reach cyber resilience status in 2017," it added.

Through its electronic lodgment systems, the ATO collects over AUD440bn (USD334bn) in gross tax revenue annually.

TAGS: tax | audit | Australia | internet | services | Tax

To see today's news, click here.

Leave a comment

Read our Posting Guidelines