Audit Office said non-corporate Commonwealth entities have not been held to account for not meeting mandatory cybersecurity requirements under the Protective Security Policy Framework, specifically the mandate to safeguard information from cyber threats.
Article Link: ANAO: Auditing not driving improvements in Commonwealth cybersecurity adherence | ZDNet