Half of Queensland’s public service finance systems are overdue for replacement and can no longer be supported by software providers, an audit has found, raising alarms about cybersecurity risks that leave the state government vulnerable to malicious actors.

The report from the Queensland Audit Office, released on Wednesday afternoon, looked at information systems across government departments, statutory authorities and government-owned corporations.

The auditor-general did not make any new recommendations, but instead highlighted many of the problems identified in previous years had not been fixed, and found many entities were not fully tackling root causes because of competing priorities.

“A significant number of deficiencies remain unresolved from prior years, suggesting that entities are not addressing IT risks in a timely way,” the report says.

Finance systems came in for particular scrutiny, with half being used “well beyond their expected lifespan”, forcing public servants to use manual workarounds and miss out on security updates.

Many of the IT systems identified 13 years ago as being in need of replacement by 2022 had not been replaced, including Queensland Health’s Hospital Based Corporate Information System, used for patient administration, and AUSLAB, used by pathology and forensic laboratories.

Responsibility for coordinating the government’s approach to updating IT systems falls to the Department of Customer Services, Open Data and Small and Family Business, which was given $1 billion for a “digital fund” in this year’s budget.

Announcing the funding, Customer Services and Open Data Minister Steve Minnikin said he wanted fewer cost blowouts and project over-runs.

“We mean it when we say we have a greater respect for Queenslanders’ money,” he said.

Start the day with a summary of the day’s most important and interesting stories, analysis and insights. Sign up for our Morning Edition newsletter.