Information Sheet Element 3 – Reviewing control effectiveness

This information sheet forms part of a series of resources to help officials understand and implement the new Commonwealth Fraud and Corruption Control Framework. To access other information sheets, go to Fraud and Corruption Control Framework.

Purpose

This information sheet will help Commonwealth officials understand how to:

• identify which fraud and corruption controls to test
• develop testing approaches that suit the needs, resources and capabilities of the entity
• test control effectiveness, including how often
• identify who should undertake control effectiveness testing
• manage control vulnerabilities.

At a glance

• Reviewing control effectiveness involves regularly testing controls to ensure they are designed correctly and operate effectively to reduce or manage risks.
• Control testing processes and procedures should be in line with an entity’s needs and risk-profile, prioritising critical controls and areas most vulnerable to fraud and corruption.
• This includes using a range of different testing methods to examine how controls work, identify vulnerabilities and challenge assumptions about how fraud and corruption is managed in an entity.
• Entities should incorporate reviews of control effectiveness into their risk framework and governance structures.

Related links

• Learn about the Fraud and Corruption Control Framework
• Commonwealth Fraud and Corruption Control Framework 2024
• Information Sheet: Element 1 – Fraud and corruption risk assessments
• Information Sheet: Element 2 – Fraud and corruption control plans
• Information Sheet: Element 4 – Governance and oversight
• Information Sheet: Element 5 – Preventing fraud and corruption
• Information Sheet: Element 6 – Detecting fraud and corruption
• Information Sheet: Element 7 – Investigation and other responses
• Information Sheet: Element 8 – Recording and reporting fraud and corruption