In a letter addressed to Mayor Teresa Harding, QAO director Lisa Fraser said a number of issues were found, however none were of major concern to the independent public sector auditor.

“I can confirm that we have not identified significant issues since the presentation of our closing report,” Ms Fraser wrote.

“The issues and other matters we have formally reported to management and an update on management’s actions taken to resolve these issues.”

An overview document of the audit, released on November 29, reported one “medium” level financial problem, 10 internal control deficiencies and one miscellaneous issue.

The financial issue related to $1.464 million in revenue not being accurately reported in the correct financial year.

“Our sample testing of revenue from developer-contributed assets identified five instances where revenue was recorded in 2022, however the assets ‘on maintenance’ date was in a prior financial year,” the report said.

“A similar deficiency was reported in 2020.”

Council agreed to continue to conduct a review of its processes and ensure revenue contributed by developer and contributor assets were recorded accurately.

The QAO also found 14 high-level network accounts were insecure and online payroll and HR applications were vulnerable to cyber attacks, which resulted in new password requirements to help protect data safety.

Also, Council was now adequately documenting all internal reviews as they “sometimes lacked detail and there was a lack of a formal process for retaining evidence”.

Council management advised the QAO significant progress had been made in rectifying the issue, by October 31.

The report found HR had access to payroll and could make changes to pay rates due to a lack of segregation between the two roles.

The council was also pulled up on an issue first flagged by the QAO in a 2019 audit, which found rigorous checks were not carried out on construction invoices.

“Developers engage engineers to advise quantities and values of assets contributed to Council and that Council does not perform detailed checks or reasonableness checks over unit rates and valuations provided,” the QAO said.

However, it was noted the council began assessing the valuation of council engineers to a high level and the process issue would be completely resolved by June, 2023.

“Now that Council had introduced (a new) methodology from July 1, 2021, finance and asset management will be able to perform a more detailed analysis,” the report said.

QAO director Lisa Harding told the ICC that, as per usual, the results of the audit would be reported to parliament.

“We will comment on the results of our audit of (the ICC) financial report, any significant internal control issues we identified and the overall results of the sector including major transactions and events,” she noted.

The documents were made public under requirements of the Local Government Regulation Act (2012), which required councils to disclose the report findings during the next ordinary meeting.

The audit cost ratepayers $312,000.

More Coverage

Ipswich’s hometown power players you have never even heard of

Peta McEachern

Originally published as Ipswich council audit reveals cyber attack risks, $1m accounting error