Conflicting and out–of–date internal information policies, multiple databases with varying degrees of security and low staff morale increased the risk of confidential Australian Crime Commission (ACC) intelligence falling into the wrong hands, according to Commonwealth Ombudsman Professor John McMillan.

The Ombudsman today released the findings of a review of the ACC’s policies, practices and procedures for information collection, storage and dissemination. The review was prompted by a request from the ACC’s Chief Executive, following a leak to the media in September 2008 of an ACC document detailing conversations at a Ministerial dinner.

‘The review established that the Australian Crime Commission performs its intelligence gathering role in accordance with its legislation and that it does not appear to hold improper or unauthorised records,’ Professor McMillan said. ‘The creation of the document in question was entirely inappropriate, but seems to have been an anomaly.
‘However, the ACC does need to improve the way it handles sensitive information.’

Professor McMillan said that central to the issue were the conflicting policies, procedures, guidelines and other documents, such as all staff emails from senior management, that the ACC had in place.

‘Staff can be confused about whether the organisation endorses a need–to–share or a need–to–know policy,’ he said.

‘This problem is compounded by a lack of clarity in the ACC’s definition of what constitutes unauthorised access to information, while a lack of transparency in censuring officers found to have breached policy has led to resentment and threatens staff morale.

‘The ACC’s main record keeping database has a default that allows anybody to look at any record, unless the creator has remembered to change the setting to restrict access.’

Professor McMillan acknowledged the ACC’s recent efforts to build a culture of integrity and improve information handling and made six recommendations to assist, including that the ACC should:

The ACC has accepted the recommendations.

The Ombudsman’s report, Australian Crime Commission—Review of collection, storage and dissemination of information, is attached. It is also available from the Commonwealth Ombudsman website.

Media contact: Media 02 6276 3759

Date of release: 27 October 2009

Skip to main content
    0 results available.
      0 results available.
      language assistant menu topper outer language assistant menu topper inner

      Read documents in your language

      If you need more translations, please contact us via: 1300 362 072 or ombudsman@ombudsman.gov.au

      Conflicting and out–of–date internal information policies, multiple databases with varying degrees of security and low staff morale increased the risk of confidential Australian Crime Commission (ACC) intelligence falling into the wrong hands, according to Commonwealth Ombudsman Professor John McMillan.

      The Ombudsman today released the findings of a review of the ACC’s policies, practices and procedures for information collection, storage and dissemination. The review was prompted by a request from the ACC’s Chief Executive, following a leak to the media in September 2008 of an ACC document detailing conversations at a Ministerial dinner.

      ‘The review established that the Australian Crime Commission performs its intelligence gathering role in accordance with its legislation and that it does not appear to hold improper or unauthorised records,’ Professor McMillan said. ‘The creation of the document in question was entirely inappropriate, but seems to have been an anomaly.
      ‘However, the ACC does need to improve the way it handles sensitive information.’

      Professor McMillan said that central to the issue were the conflicting policies, procedures, guidelines and other documents, such as all staff emails from senior management, that the ACC had in place.

      ‘Staff can be confused about whether the organisation endorses a need–to–share or a need–to–know policy,’ he said.

      ‘This problem is compounded by a lack of clarity in the ACC’s definition of what constitutes unauthorised access to information, while a lack of transparency in censuring officers found to have breached policy has led to resentment and threatens staff morale.

      ‘The ACC’s main record keeping database has a default that allows anybody to look at any record, unless the creator has remembered to change the setting to restrict access.’

      Professor McMillan acknowledged the ACC’s recent efforts to build a culture of integrity and improve information handling and made six recommendations to assist, including that the ACC should:

      • develop an overarching information governance policy as a matter of high priority
      • review the guidance given to consultants in relation to the use of ACC information
      • develop a definition for unauthorised information access and enforce it
      • consider improving audit and incident reporting systems.

      The ACC has accepted the recommendations.

      The Ombudsman’s report, Australian Crime Commission—Review of collection, storage and dissemination of information, is attached. It is also available from the Commonwealth Ombudsman website.

      Media contact: Media 02 6276 3759

      Date of release: 27 October 2009