2. Administration
   1. In undertaking the No. 20 review of the administration of the six National Intelligence Community (NIC) agencies for the 2020-21 financial year, in addition to reporting on continued areas of interest, the Committee requested that submissions include information on the following topics:

• strategic direction and priorities;
• changes (if any) to the structure of the organisation;
• corporate governance, including information about compliance performance, risk assessment and risk management;
• legislative changes that have impacted on administration of the agency, including as appropriate, the frequency and nature of use of any new powers, staffing implications, training, the role of legal officers and need for specialist staff, and the relationship with outside agencies such as police or the judiciary;
• involvement (if any) in litigation matters, including any administrative reviews in the Administrative Appeals Tribunal;
• human resource management, including:

• staffing numbers and demographic information;
• recruitment and retention strategies;
• recruitment outcomes;
• staff departure and separation rates;
• workplace diversity statistics and initiatives;
• training and development;
• language skills;
• individual performance management;
• staff feedback, complaints and investigations (including public interest disclosures and any code of conduct, fraud, bullying/harassment-related investigations); and
• accommodation and facilities, including all locations within Australia where staff are present and any current or planned changes to accommodation arrangements;
• changes to the distribution of staff across different areas of the organisation, including the ratio of field and operational staff to administrative staff, the ratio of executive to middle and lower level staff, and the ratio of central office to outlying staff;

• security issues, including policies, training, security breaches and e-security;
• initiatives implemented or underway to ensure compliance with the revised Protective Security Policy Framework;
• security clearances, including clearance rates, number of revocations, current procedures, policy changes, average timeframes, delays and associated outsourcing arrangements;
• information and communications technology initiatives;
• organisational performance evaluation and accountability, including any outcomes relevant to administration and expenditure for the financial years; and
• public relations and/or public reporting, including requests for public access to records.
  2. Additionally, the Committee asked each agency to report on certain aspects of their administration or initiatives or reform activities specific to that agency.
  3. Agencies outlined significant developments and the relevant aspects of their administration for the reporting period in their submissions. The majority of the evidence received was classified, so has not been authorised for publication. The Committee scrutinised all material provided and followed up on certain matters with detailed questioning at classified hearings and in subsequent Questions on Notice and Questions in Writing.
  4. This chapter reports the Committee’s findings on the administration of the agencies. In some areas, the discussion is necessarily general due to the security classification of the evidence received. This report highlights major points reported to the Committee and does not attempt to reflect all elements of requested information from every agency.

Legislative changes

2.5During the reporting period, the Committee conducted inquiries into several bills that affected the operations of NIC agencies, finalised its first policy inquiry into the impact of law enforcement and intelligence powers on the freedom of the press, and commenced a second policy inquiry into national security risks affecting the Australian higher education and research sector.[1]

2.6Where applicable, agencies commented in their submissions on the extent to which bills reviewed by the Committee, and other legislative changes, had impacted on the administration of the respective agency.

ASIO

2.7During the reporting period two significant legislative changes came into effect that made changes to ASIO’s powers. These changes were both introduced through the Australian Security Intelligence Organisation Amendment Act 2020 (ASIO Amendment Act). This made changes to Part III, Division 3 of the Australian Security Intelligence Organisation Act 1979 (ASIO Act) which granted ASIO new compulsory questioning powers and introduced a new scheme for internal authorisation for tracking devices.[2]

2.8ASIO stated that it ‘used both these new powers in performance of its functions during the reporting period’.[3]

2.9Under the ASIO Amendment Act, the compulsory questioning powers were broadened, with adult questioning warrants now applicable in relation to espionage, acts of foreign interference and politically motivated violence, in addition to terrorism offences. Further, the ASIO Amendment Act streamlined the issuing of warrants through removal of the issuing authority while ensuring safeguards, particularly where they relate to minors.[4]

2.10The new compulsory questioning powers were applied over the review period, with ASIO issuing and the Attorney-General granting three questioning warrants against two subjects.[5]

2.11ASIO provided information to the Committee on internal authorisation for tracking devices.[6] These powers allow ASIO to deploy tracking devices against a person, an object, or a class of object with internal authorisation (by an ASIO officer) rather than a warrant, in specific circumstances.

ASD

2.12ASD reported that there were no significant changes to ASD’s legislative environment in the reporting period.[7]

2.13ASD continued to work with other Commonwealth agencies in relation to legislative reform proposals such as the Commonwealth Integrity Commission Bill 2020 and the National Commissioner for Defence and Veteran Suicide Prevention Bill 2020.[8]

ONI

2.14ONI reported that it did not pursue any legislative changes to the Office of National Intelligence Act 2018 during the reporting period.[9]

DIO

2.15DIO identified that it engaged in the implementation of outcomes from the Review of the Legal Framework Governing the National Security Community conducted by MrDennis Richardson AO at the direction of the Attorney-General (known as the Richardson Review), which was completed in late 2019.[10] No major legislative changes were identified.

AGO

2.16AGO reported that there were no amendments to its key enabling legislation, the Intelligence Services Act 2001 (IS Act), nor were there any changes to the Navigation Act 2012.[11]

ASIS

2.17ASIS did not highlight for the Committee any direct legislative amendments affecting its operations or administration, rather commenting that it continues to work with the Australian Government Solicitor on interpretation of the IS Act and other legislation where it affects ASIS.[12]

Litigation

2.18ASIO continued to be involved in litigation and other legal matters in courts and tribunals during the 2020-21 reporting period, as in previous periods. During the reporting period ASIO was involved in:

• 12 adverse security assessment reviews and two qualified security assessment reviews before the Administrative Appeals Tribunal (AAT);[13]
• three matters before the AAT related to National Archives access decisions involving ASIO material;[14]
• three judicial reviews of adverse security assessments;
• one appeal against an adverse security assessment decision;
• one special leave application regarding an adverse security assessment; and
• one civil matter related to staffing.[15]
  19. ASIS reported that it continues to be engaged in a number of litigation matters, the most high-profile of which was the case relating to the former staff member known as WitnessK.[16]
  20. ONI noted the conviction of a former ONI staff member during the period for retention of classified information, which resulted in a fine.[17]
  21. DIO, AGO and ASD were not party to any direct litigation matters during the reporting period.

Use of ASIO’s special powers

2.22ASIO reports each year on its special powers under the ASIO Act and the Telecommunications (Interception and Access) Act1979 (TIA Act) to use specific methods of investigation, which include telecommunications interception and access; use of surveillance devices; entry and search of premises; computer access; and the examination of postal and delivery service articles. The use of questioning and detention warrants under the ASIO Act is reported in the agency’s public annual report; while the use of TIA warrants is reported as part of ASIO’s classified annual report and provided to the Committee.

2.23The number of warrants approved by the Attorney-General is classified and cannot be reported by the Committee. However, following increases in 2013–14 and 2014–15, and a small reduction in 2015–16, the number of warrants or authorisations for ASIO to exercise its special powers has remained relatively stable from 2017 through to 2021, with only some variations that are mostly related to the impact of COVID-19 in the 2020-21 reporting period.[18]

Strategic direction, priorities and organisation structure

2.24The Committee requested that each intelligence agency report on its strategic direction and priorities, as well as any changes to organisational structure.

ASIO

2.25ASIO drew attention to Australia’s changing threat environment and the shifting operational priorities to which it must respond.[19] ASIO’s 2020-24 Corporate Plan sets out a strategic plan, which focuses on five key priorities:

• counter-terrorism;
• counter-espionage and foreign interference;
• border security;
• reform program; and
• governance and accountability.[20]
  26. The enablers of these priorities include people and culture, security, leadership and influence, risk and governance, technology and data, and partnerships. This strategic vision reflects that whilst technology and data is an important element of ASIO’s capability, it is only one part of the suite of capabilities and functions that the agency must utilise in delivering its security mandate.[21]

ASIS

2.27Major General (RETD) Paul Symon AO continued as the 14th Director-General of ASIS. Over the review period ASIS continued to focus on delivery of review and reform initiatives intended to enable ASIS to adapt to more difficult operating environments, particularly in the face of COVID-19 and a changing digital environment. ASIS continued to progress strategic planning, workforce and training initiatives and technological programs.[22]

2.28Working to increase transparency in the lead up to ASIS’s 70th anniversary in 2022, the agency took steps to release historic information, as well as publicly declaring two Deputy Directors-General for the first time in ASIS’s history.[23]

ONI

2.29ONI outlined its role in providing intelligence assessments and collection of open source information to the Australian Government, including analysis to contribute to the Government’s understanding of specific global events. ONI noted that it continued in its leadership role of the NIC to assist in the development and implementation of intelligence priorities, the management of coordination and delivery of intelligence across the NIC, and coordination of an intelligence community response to global events.[24]

ASD

2.30ASD said its role is to defend Australia against global threats through provision of foreign signals intelligence, cyber security and offensive cyber operations as directed by the Government and in line with its functions set out in the IS Act.[25]

2.31ASD advised that its operating environment remained complex and challenging over the reporting period, and that COVID-19 had a particular impact on the cyber security function of the organisation. ASD said the Australian Cyber Security Centre (ACSC) had assisted in protecting Australia’s COVID-19 vaccine supply from malicious cyber actors, and, more broadly, had experienced a 13 per cent increase in cybercrime reports compared to the previous reporting period.[26]

2.32ASD continued its focus on the five priorities identified in its 2020-21 Corporate Plan: the delivery of strategic advantage through the provision of intelligence, to lead in cyber security, to support military operations, to counter cyber-enabled threats, and to provide trusted advice and expertise.[27]

DIO and AGO

2.33As per previous review submissions, DIO advised that its strategic priorities are set by its leadership team consisting of its Director, First Assistant Secretary, and Branch Heads.[28]

2.34AGO outlined that during the reporting period it continued to deliver geospatial requirements for Defence, the NIC and broader Government. In light of a dynamic strategic environment, AGO also outlined its development of Defence GEOINT 2030: A Strategy for Defence’s GEOINT Capability, and launched AGO Strategy 2021-25.[29]

2.35Over the review period the Department of Defence underwent structural changes, with the establishment of the Defence Intelligence Group (DIG).[30]

Human resource management and demographics

2.36The Committee asked the intelligence agencies to provide an update on human resource management and demographics issues as identified at the start of this chapter.

2.37As in previous years, information provided to the Committee regarding the staffing and management arrangements of each agency was mostly classified. These matters have been discussed below in general terms or using publicly available information where possible.

Staff numbers and demographics

2.38As of 30 June 2021, ASIO employed 1,940 staff (1,655 full time equivalent or FTE and 285 part time). This reflects a decrease from 2,004 staff (1,704 FTE) at the period ending 30 June 2020.[33] ASIO employed 641 ASIO Executive Officers levels 1, 2 and 3 in 2021, down from 664 in 2020, and 1,219 other staff, down from 1,278 in 2020.[34]

2.39The number of Senior Executive Service (SES) Officers employed by ASIO declined over the reporting period to 50 officers as at 30 June 2021 from 62 in the previous year. This continued a decline in the number of SES Officers employed by ASIO identified in the Committee’s last review.[35]

2.40ONI reported that it had 283 employees at the end of the reporting period.[36] This continues a trend of growth of an additional 20 staff, which was also identified in the previous two reporting periods.[37] At the end of the 2020-21 reporting period, ONI’s workforce comprised 238 full-time staff, 45 part-time or casual staff, with all bar five staff located in Canberra. ONI noted that it continues to provide staff with secondment opportunities to enable skill-sharing and career development.[38]

2.41ASD employed 2,394 staff as of 30 June 2021. This comprised 2,303 ongoing staff, and 91 non-ongoing staff.[39] Of these, 94 per cent occupied roles in Canberra.[40]

2.42Staffing demographics information provided by ASIS, DIO and AGO cannot be published in this report. DIO’s workforce grew slightly over the reporting period.[41] AGO’s workforce contracted slightly over the reporting period.[42]

Recruitment and retention strategies

2.43ASIO reported that during the 2020-21 reporting period 42 external recruitment rounds were commenced across a wide range of capability requirements.[43] Commencements in entry level programs were lower than in previous years due to the impact of COVID-19. However recruitment for entry-level programs was projected to increase into the 2022-2023 financial year consistent with ASIO’s growth targets.[44]

2.44ASIO said that, in line with its focus on recruiting high quality candidates, it undertook targeted campaigns to recruit highly-skilled professionals to non-intelligence roles in 2020-21. ASIO also provided information on its outreach and engagement during 2020-21 to promote ASIO as an employer of choice through media platform engagement, such as Twitter, publicly releasing the Director-General’s annual threat assessment, as well as refreshing its website to attract employees.[45] In relation to its graduate program, ASIO was ranked in the top 10 graduate employers by Graduate Australia and as the top public sector employer for 2021.[46]

2.45Expenditure on advertising and marketing by ASIO for recruitment activities was consistent with the previous reporting period, 2019-20, with $314,183 spent on marketing and recruitment in 2020-21.[47]

2.46In relation to retention activities, ASIO conducted a staff sentiment survey in March 2021 to measure progress on the implementation of the 2020 Staff Survey Action Plan. The outcomes of the staff sentiment survey reflected positive engagement overall and strong commitment to ASIO’s purpose and mission.[48]

2.47ASIO said that part of its retention strategy also included increasing opportunities for professional growth and improving leadership capability, as well as recognition of its employees through recognition programs that focus on individual and team excellence.[49]

2.48ASD had 432 commencements in 2020-21, an increase from 308 commencements for the previous reporting period, including 81 entrants to graduate programs.[50] ASD reported on its developing workforce plans to address recruitment and retention as it delivers against an expanding remit across intelligence, offensive cyber operations and cyber strategy.

2.49During the reporting period ASD continued a range of outreach programs to implement new Science Technology Engineering and Maths (STEM) programs and cyber security initiatives with students from primary school to tertiary education.[51] In addition to work experience and internship programs, some examples of these outreach programs included:

• ASD CyberEXP which involved 426 schools, 100 teachers and 3,828 students; and
• the Girls Programming Network which involved 200 students.[52]
  50. ONI reported that it continued to recruit and retain interested staff, due to the stimulating and engaging nature of its work.[53] Lead times in acquiring security clearances were noted as an ongoing challenge, and ONI’s workforce planning activities centred on minimising vetting timeframes and managing unplanned departures. ONI indicated it had initiated a significant program of reform in human resources and vetting to improve recruitment processes as well as initiatives within the NIC to build the broader appeal of a career in national intelligence.[54]
  51. DIO noted that recruitment numbers increased over the reporting period.[55] AGO conducted more recruitment rounds in the 2020-21 reporting period and had a slight increase in staff.[56]
  52. ASIS provided evidence to the Committee on a range of recruitment and retention initiatives undertaken during the reporting period.[57]

Separation rates

2.53ASIO reported separations of 186 ongoing, non-ongoing and casual employees during the 2020-21 reporting period, or 9.4 per cent, an increase from 131 separations (6.6 per cent) in 2019-20 and 118 (6.1 per cent) in 2018-19.[58] As in the previous reporting period, the tenure of separating staff for the 2020-21 reporting period was not provided by ASIO.

2.54ONI’s separation rate was at 14 per cent, representing an increase from 13.3 per cent and 9.5 per cent in the previous two reporting periods respectively.[59]

2.55ASD reported that its separation rate was relatively stable and continued at a level similar to previous reporting periods.[60] The largest portion of separations was at the ASD 6 level, comprising 26 per cent, followed by EL 1 and ASD 5 levels at 25 and 22 per cent respectively.[61] At the classified hearing the Committee further considered the concentration of staff departures at these levels and broader issues related to retention of a skilled workforce.[62]

2.56DIO’s separation rate rose markedly over the reporting period, and was higher than the overall Defence APS separation rate of 11.2 per cent.[63]

2.57AGO’s employee separation rate also rose over the reporting period, and while it was also above the Defence separation rate, it was lower than the DIO separation rate.[64]

2.58ASIS provided information to the Committee on its separation rate for the reporting period. The details are classified and cannot be included in this report.[65]

Training and Development

2.59ASIO provided detail regarding training and development of staff for the 2020-21 reporting period. Its submission reported on learning, leadership and core capabilities, staff safety, operational capability, technical competency, language skills, and legal services.[66]

2.60ASIO said that due to the impacts of COVID-19, learning and development (L&D) was temporarily reduced in all areas. During this time ASIO’s L&D team redesigned a number of its courses, including through the externally-accessible Remote365 platform to provide staff with self-directed professional L&D opportunities. The use of accessible and remote learning opportunities is ongoing.[67]

2.61ASIO reported on its Intelligence Officer Development Program and Intelligence Analyst Development Program (collectively known as the IDP) which train and assess employees for operational and analytical roles in ASIO.[68] While there are usually two IDP intakes each year, due to the impact of COVID-19 only one intake commenced in the reporting period and those who were due to commence in June 2020 were included in the January 2021 program.[69]

2.62ONI said that its Performance Development Framework provides professional development for its workforce in the normal range of corporate endeavours, but also in specialised leadership development, studies assistance for tertiary education and proficiency in foreign languages, with 32 employees accredited in one or more language other than English.[70]

2.63ASIS provided its staff with a broad range of corporate and operational training during the reporting period. The details of the training are classified and cannot be included in this report.[71]

2.64ASD reported that its workforce maintained proficiency in mandatory general training provided by the Department of Defence, including: work, health and safety; workplace behaviour; fraud and integrity awareness; and security awareness.[72] ASD also provided leadership and other specialist training in support of workforce capabilities. The details of these courses are classified.[73]

2.65DIO and AGO noted a range of staff development and training opportunities available, including mandatory Defence training, bespoke skills development for key capabilities required in their staff, and broader training with agencies across the NIC.[74]

Individual performance management

2.66Agencies reported on their arrangements for managing the performance of their employees.

2.67ASIO advised the Committee that, in line with policy requirements, all ASIO employees participated in the performance cycle for 2020-21. This is consistent with previous reporting periods.[75]

2.68All ONI employees are expected to participate in its performance development framework program, with work performance linked to pay scale advancements.[76]

2.69ASIS updated the Committee on its use of performance management tools and their importance in managing staff and identifying areas of high performance.[77]

2.70ASD reported that in 2020-21 1,956 staff had their performance progression approved, with 400 employees not eligible or denied progression.[78] Of those staff, five were due to staff members having not completed mandatory training and the remaining were ineligible because they were on leave or probation, were new starters or trainees, or had recently been promoted.[79]

2.71The performance of DIO and AGO APS employees is formally assessed twice a year, as part of the Defence Performance Feedback Assessment and Development Scheme.[80]This informs annual performance progression payments.

2.72As in the previous reporting period, the Committee noted that AGO did not provide internal performance management statistics for the 2020-21 reporting period.[81]

2.73DIO identified that the majority of staff received performance progression pay, with those who did not being primarily ineligible due to recent promotion. A very small number of staff did not receive their salary increment as they were on probation, were cadets (and therefore ineligible), refused to participate or were found to be partially effective.[82]

Workplace diversity

2.74Agencies provided information on the diversity of their workforces, with some classified data being provided by agencies, reflected in general commentary below.

ASIO

2.75ASIO reported that 47.6 per cent of its staff identified as female in the 2020-21 reporting period.[83] This is consistent with the 2019-20 reporting period, at 47.5 per cent.[84] In the reporting period ASIO achieved gender balance across the SES cohort, and continues to pursue gender balance at all other levels.[85]

2.76ASIO’s Annual Report for 2020-21 stated that eight staff identified as Aboriginal and Torres Strait Islander, a drop from nine in the previous year, while 27 staff identified as having a disability, an increase from 23 staff in the previous reporting period.[86] Overall, figures remained consistent with previous years.

ONI

2.77As in previous years, ONI continued to report on its gender targets, and provided information on the work of its Diversity and Inclusion Committee, and efforts to promote disability, Indigenous, mental health, gender and sexual identity, and cultural and linguistic diversity initiatives in its workforce.[87]

2.78For the review period ONI reported 50 per cent of employees were women, while women held 13 of the 31 SES level positions (equivalent to 42 per cent).[88] Employees that identified as Aboriginal or Torres Strait Islander were less than 1 per cent for 2020-21, consistent with the previous reporting period.[89]

ASD

2.79ASD reported that as of 30 June 2021 women comprised 36 per cent of the workforce, or 883 positions, while men occupied 1,511 positions. This is consistent with the 35 per cent female representation from the previous reporting period.[90] Of note, ASD delivered a number of coaching and mentoring initiatives focused on women in cyber, STEM and security.

2.80Amongst the SES cohort, of 37 SES positions women held 13, or 35 per cent.[91] This represents a decrease from near gender parity in the previous reporting period, which had 14 ongoing, and one non-ongoing female SES, and 15 ongoing male SES.[92]

2.81During the reporting period ASD employed 20 staff identifying as Indigenous, and 30 staff identifying as having a disability.[93] ASD’s submission drew attention to a range of initiatives, including the ASD Diversity and Inclusion Strategy 2019-22, and employee networks focused on supporting women in leadership, First Australians, LGBTQI+, and parents and carers.[94]

DIO

2.82DIO reported that the gender representation in its workforce continues to be close to parity, but with imbalances at specific levels. While the majority of female workers continue to work in intelligence roles, these roles are not equally staffed by male and female employees.[95] DIO identified a positive shift towards recruitment of Indigenous employees.[96]

AGO

2.83AGO reported that the proportion of female employees remained under 40 per cent.[97] While the gender gap persists in older employee cohorts the disparity is smaller amongst younger cohorts and graduate intakes.[98] The percentage of employees from culturally and linguistically diverse backgrounds, those who identified as Indigenous, or as having a disability have all remained stable across AGO.[99]

Staff feedback and complaints

ASIO

2.84ASIO advised that it conducts staff surveys on a range of workplace matters, including the experience of employees with regard to witnessing or being subject to bullying or harassment. Feedback from surveys was used to develop updated training materials and guidelines on addressing inappropriate behaviour early.[100]

2.85Details regarding staff complaints during the reporting period are classified and cannot be reported here.

Engagement by ASIO Ombudsman

2.86ASIO said that staff are supported during complaints processes by the ASIO Ombudsman, an external provider who offers ‘impartial and confidential services to staff and management to address a range of workforce concerns through advice, consultation and mediations’.[101] The ASIO Ombudsman also has a ‘limited capacity to undertake complex formal investigations as delegated’.[102] Over the reporting period seven staff inquiries and contacts were received by the Ombudsman. These focused on topics such as recruitment and career path options.[103]

2.87During the reporting period the ASIO Ombudsman also participated in the following formal engagements:

• one health review;
• two discussions with staff networks;
• two meetings with inter-agency stakeholders; and
• three inquiries into staff concerns.[104]
  88. ASIO also said that the Ombudsman was engaged through informal discussions, reviews of policy documents and information-sharing (such as best practice policy and research papers).[105]
  89. ASIO advised that the Ombudsman did not participate in any work related to disclosures made under the Public Interest Disclosure Act 2013, known as public interest disclosures (PIDs), for the reporting period.[106]

ASD

2.90Over the reporting period ASD received four complaints of unacceptable behaviour, two of which were substantiated and two were not progressed; five substantiated complaints regarding Code of Conduct; seven PID complaints, of which two were not progressed, four were not substantiated, and one remains under investigation; and four complaints requesting review of action or grievance, one of which was not progressed, two of which were substantiated, and one unsubstantiated.[107]

ONI

2.91ONI reported that it received no unacceptable behaviour, bullying or harassment complaints during the reporting period and it did not conduct any investigations into breaches under the APS Code of Conduct[108] or any disclosures under the Public Interest Disclosure Act 2013.[109]

DIO and AGO

2.92DIO reported very few staff complaints and APS Code of Conduct investigations during the reporting period.[110]

2.93AGO reported a decrease in staff complaints for unacceptable behaviour over the reporting period, and the number of staff complaints overall remain low.[111]

ASIS

2.94ASIS described both internal and external channels for employees to raise complaints or seek advice. The details of the internal complaints processes are classified and cannot be reported here.

2.95In addition to internal complaints processes, staff have mechanisms external to ASIS to raise concerns. These include the Inspector-General of Intelligence and Security and PIDs(discussed below).[112] Additionally, staff may raise concerns with the independent ASIS Ombudsman, who provides impartial and confidential advice to staff and management in relation to staffing concerns.[113]

Complaints to the Inspector-General of Intelligence and Security

2.96The Inspector-General of Intelligence and Security (IGIS) is an independent statutory office holder with oversight responsibilities in relation to intelligence agencies. The work of IGIS more broadly is discussed later in this chapter.

2.97Under the Inspector-General of Intelligence and Security Act 1986, the IGIS may receive and inquire into complaints in respect of actions taken by intelligence agencies, including in relation to disclosures under the Public Interest Disclosure Act 2013. General statistics regarding complaints received can be found in the IGIS Annual Report, accessible on the IGIS website.[114]

2.98In its previous annual reports and submissions to the Committee, the IGIS distinguished between ‘complaints’ which fell within IGIS’s purview, and ‘contacts’ for grievances which did not sit within IGIS’s jurisdiction.[115] In its submission to this review, IGIS indicated that this distinction was not an efficient use of resources, and combined the categories, now all described as ‘complaints’.[116] This change impacts on comparison with previous years’ reporting to the Committee.

2.99The IGIS identified that it received 344 complaints during the reporting period. This constitutes an increase from in 2019-20 where the IGIS reported 215 grievances lodged in relation to intelligence agencies.[117] Of the 344 complaints, the IGIS determined that 167 were within its jurisdiction.

2.100The 167 complaints covered a wide range of matters, including:

• seizure of property under warrant;
• security assessments for employment;
• access to records;
• complaint handling;
• surveillance;
• employment issues including recruitment processes; and
• management of security-related action.[118]
  101. The IGIS’s Annual Report 2020-21 did not identify whether all complaints were investigated, or the number of cases in which evidence of illegality or impropriety was found. As a result, further analysis on the outcome of complaints for the reporting period is not possible.[119]
  102. The IGIS reported 124 complaints received in relation to visa and citizenship applications. This represents a decrease from 300 in 2019-20.[120] The IGIS suggested this was likely due to COVID-19 travel restrictions. While a number of applications were subject to processing delays, IGIS found no compliance issues in its investigation of visa and citizenship complaints.[121]
  103. The IGIS advised that the number of PIDs rose substantially from two in 2019-20, to 16 PIDs in 2020-21.[122] The IGIS indicated the PIDs covered a range of matters including allegations in relation to maladministration, danger to health or safety, conduct which could lead to disciplinary action, contraventions of Commonwealth, State or Territory law and abuse of a position of trust.[123]

Accommodation

2.104Agencies provided updates to the Committee on accommodation arrangements. Most evidence was classified and cannot be discussed in this report.

2.105ASIS and ONI indicated that during the reporting period they considered accommodation demands alongside staffing levels and delivering effective services to government.[124]

2.106DIO and AGO reported that a new body was established in 2020-21 to manage Defence-approved estate activities, and that the body had led a number of remediation works during the reporting period.[125]

2.107AGO indicated that it occupied a number of major and minor sites across Australia that operated at a range of classification levels during the reporting period. In addition to the maintenance of current buildings, AGO said that work was underway to consider the long-term accommodation requirements of the organisation.[126]

2.108ASIO provided information on its large and complex property portfolio to support its delivery of secure and fit for purpose working environments.[127]

2.109ASD operated a number of facilities during the reporting period, including a multi-classification facility to allow for increased collaboration with government agencies and the private sector.[128] During the reporting period, a long-term strategic accommodation plan for its expanding workforce was approved by ASD’s Executive Committee.[129]

Security functions and issues

2.110Security functions encompass physical, technical, administrative, ICT and personnel security. The Committee requested information from agencies regarding security matters, including security procedures and policies, training, security breaches, e-security arrangements, physical security arrangements and security clearances.

2.111Most of the evidence on security functions and issues was classified.However, the Committee pursued questioning with agencies at classified hearings, particularly regarding how agencies manage security breaches, and the ongoing impacts of COVID-19.

Security breaches

2.112Agencies informed the Committee of the number and nature of security breaches recorded during the reporting period and any action taken as a result. The details of security breaches are classified and cannot be included in this report. However, the Committee discussed reported breaches with agencies at its classified hearings and was satisfied that national security classified material has not been compromised.[130]

Security clearances

2.113Employees across the NIC and the agencies covered by this review are required to obtain and maintain an appropriate security clearance to perform their role. The Committee requested information from agencies on security clearance application timeframes, for both initial clearances and revalidations.

2.114The Department of Defence, through the Australian Government Security and Vetting Agency (AGSVA) provides security clearances for three of the agencies covered by these reviews (DIO, AGO and ASD).

2.115ONI, ASIS and ASIO conduct their own security vetting processes and provided feedback to the Committee regarding times taken to process, and impacts on workforce capability.[131]

2.116Intelligence agencies provided information to the Committee in their submissions and in classified hearings on the challenges and changes to the clearance process that arose in response to COVID-19. Agencies acknowledged the importance of containing clearance processing timelines, both for new and existing clearances. In 2017 Michael L’Estrange and Stephen Merchant conducted the Independent Intelligence Review (IIR). The IIR was a periodic review of Australian intelligence agencies, which recommended significant changes to the intelligence community and oversight bodies. The IIR made 23 recommendations directed to enhancing cooperation and improving administration, which also included addressing one element of the security clearance process, discussed further below.

2.117ONI reported that COVID-19 slowed work on its security clearance assessments overall, however the median time for processing of clearances improved for re-evaluation clearances, from an average of 66 weeks in the previous reporting period to 55 weeks. The median processing time for initial clearances increased slightly, from 19 weeks to 20 weeks. To address growing demand, ONI said it had recruited vetting staff, and engaged with the Future Positive Vetting Capability Taskforce which continued into the next reporting period.[132]

2.118In support of broader security clearance processes, ASIO reported that in 2020-21 it completed 39,320 personnel security assessments, which represented an increase from 34,035 in the previous reporting period.[133] ASIO attributed the increase in referrals to growth in some areas requiring clearances and updated requirements for some positions that previously did not require a security clearance.[134]

2.119The Australian National Audit Office (ANAO) drew the Committee’s attention to its performance audit of ASIO, Auditor-General Report No. 2 of 2021-22: Workforce Planning in the Australian Security Intelligence Organisation. Part of the review considered ASIO’s approach to remediation of the Top Secret (Positive Vetting) (TSPV) security clearance backlog, which was recognised as an area of concern in the IIR. Specifically, Recommendation 12 of the IIR said that ASIO should receive additional resourcing to allow it to second staff to AGSVA to assist with processing the backlog of security clearances and improve clearance processing timeframes. In relation to implementation of a strategy to reduce the TSPV backlog, ANAO said that:

ASIO developed an effective strategy to manage the provision of resourcing for the purpose of implementing Recommendation 12 of the 2017 IIR. ASIO’s actual approach to resourcing did not fully align with the strategy in that the majority of additional resources remained in ASIO rather than being seconded to the Australian Government Security Vetting Agency (AGSVA). However, the strategy was implemented with appropriate governance arrangements with AGSVA and other Commonwealth entities.[135]

2.120In relation to the remediation of the TSPV security clearance backlog the ANAO said:

[the] legacy backlog of 1,266 specific [TSPV] cases referred to in the 2017 IIR was remediated by January 2020, with a significantly reduced backlog of [TSPV] cases remaining. ASIO reported that it achieved its benchmark for ‘routine’ [TSPV] security assessments less than 50 per cent of the time in each month between March 2020 and February 2021.[136]

2.121In response to the above the Committee sought additional information in its classified hearings regarding the reform of security vetting arrangements across the intelligence community.

Oversight, accountability and performance evaluation

2.122The Committee requested that agency submissions address organisational performance management and accountability, including any outcomes relevant to administration and expenditure for the reporting period. Agencies regularly undertake, or are subject to, formal evaluations of their performance.

2.123There are a number of internal and external oversight and accountability mechanisms in place for each of the intelligence agencies to provide assurance to the Australian public of the legality and propriety of their activities. These mechanisms include:

• internal reviews;
• Ministerial and Parliamentary accountability;
• the IGIS;
• internal and external Ombudsman offices; and
• for ASIO, the Independent Reviewer of Adverse Security Assessments.
  124. The Auditor-General may undertake performance audits, assurance reviews or audits of the performance measures of Commonwealth entities (audits of intelligence agencies’ financial statements will be discussed further in Chapter 3).[137]
  125. Currently the Auditor-General cannot provide the PJCIS with any reporting that is not publicly available, and may not publicly report on matters if they would ‘prejudice the security, defence or international relations of the Commonwealth’.[138] In circumstances where the Auditor-General does not publicly report on a matter, the Auditor-General may prepare a report including sensitive information for submission to the Prime Minister, the Finance Minister and the responsible Minister.[139]
  126. While the PJCIS and other parliamentary committees may suggest particular areas for inclusion in ANAO’s draft annual audit work program, consistent with the Auditor-General’s position as an independent officer of the Parliament, the PJCIS cannot compel the ANAO to undertake particular work.[140]

Ministerial authorisations and section 13B notices

2.127The IS Act requires AGO, ASD and ASIS to obtain ministerial authorisation in order to undertake an activity for the purpose of producing intelligence on an Australian person or an activity that will, or is likely to, have a direct effect on an Australian person. The Minister specifies, in the form of a written direction, circumstances in which agencies must seek authorisation before undertaking other activities or classes of activities.[141]

2.128The Committee requested that relevant agencies report on the number of ministerial authorisations issued (including class authorisations) and the number of activities undertaken under a ministerial authorisation, categorised by type.

2.129During the reporting period ASD and AGO reported a decrease in ministerial authorisations sought.[142] ASIS also provided information in relation to ministerial authorisations.

2.130Section 13B of the IS Act enables ASIS to support ASIO by undertaking an activity or series of activities to produce intelligence on an Australian person or class of Australian persons without seeking ministerial authorisation, when requested via a ‘notice’ from ASIO. ASIS reported on the number of section 13B notices received from ASIO in the years from 2018-19 to 2020-21. The number of section 13B notices is classified and cannot be reported by the Committee.[143]

Performance evaluation

2.131ONI collected qualitative and quantitative data to measure, quantify and assess the quality and impact of its performance during the reporting period through:

• engagement with the offices of the Prime Minister, Cabinet Ministers, and their departments;
• feedback acquired from senior customers and stakeholders;
• internal and IGIS reviews; and
• analysing data regarding the use of its assessments.[144]
  132. As in the previous reporting period, ONI indicated that COVID-19 presented significant challenges regarding analysis of open source material.[145]
  133. ASIO establishes performance objectives in its corporate plan, in line with the requirements of the Public Governance, Performance and Accountability Act 2013 (PGPA Act). It monitors its performance against these objectives throughout the year and includes an assessment in the annual performance statement included in its annual report.[146]
  134. ASIO identified that for the 2020-21 reporting period it achieved significant performance outcomes and met seven of its nine performance measures. The two remaining performance measures were ‘partially achieved’.[147]
  135. To ensure compliance with the PGPA Act as part of ASD’s transition to a statutory authority, ASD said it had undertaken a number of reforms

[to] improve decision-making processes and accountability in order to support compliance with the PGPA Act. ASD has delivered its first cohesive Planning and Performance Framework, streamlined its enterprise committees, and undertaken a significant policy uplift program, including in support of ASD’s expanded regional and multi-classification taskforce.[148]

2.136ASIS indicated that it has both internal and external measures in place to assist it to evaluate its performance.[149] DIO described performance management and evaluation processes including training to ensure accountability, internal reviews and NIC governance reporting.[150] AGO provided a summary of its internal governance frameworks and how it achieves compliance.[151]

Inspector-General of Intelligence and Security

2.137As noted above, the IGIS is an independent statutory office holder with oversight responsibilities in relation to the activities of intelligence agencies. During the reporting period this included ASIO, ASIS, ASD, AGO, DIO and ONI, as well as the use of network activity warrants by the Australian Criminal Intelligence Commission (ACIC) and the Australian Federal Police (AFP).

2.138During the reporting period there were three successive Inspectors-General of Intelligence and Security operating in either an acting or substantive capacity. In August 2020, the Hon Margaret Stone AO FAAL concluded her term in office, and Deputy Inspector-General Jake Blight undertook the role from August 2020 until February 2021. For the remainder of the reporting period, the IGIS role was undertaken by the Hon Christopher Jessup KC.[152]

2.139IGIS’ role is ‘to provide assurance that each intelligence agency acts legally and with propriety, complies with ministerial guidelines and directives, and respects human rights’.[153]

2.140The IGIS fulfils its role through the ongoing inspection and monitoring of intelligence agencies.[154] In addition, the IGIS may undertake inquiries, with powers of investigation comparable to those of a Royal Commission. These inquiries may be initiated at ‘the Inspector-General’s own motion, at the request of a Minister, or in response to complaints’.[155]

2.141The Committee invited the IGIS to make a submission on matters related to the administration and expenditure of the agencies under review, arising from the IGIS’s oversight activities during the review period. The IGIS appeared at a classified hearing, during which the Committee sought additional information on complaint processes, oversight activities, transparency and engagement with agencies.

Inspections and outcomes

2.142Over the reporting period the IGIS undertook a range of inspection activities which are detailed in publicly available reporting, including the IGIS Annual Report, and are not replicated in detail here. However, information regarding certain inspections and outcomes has been extracted and is discussed below.

2.143IGIS inspections of ASIO during the reporting period considered the use of powers under the ASIO Act and the TIA Act. These inspections found that ASIO was largely compliant, and where there were issues or breaches, the IGIS was satisfied with ASIO’s response.[156]

2.144The IGIS inspected ASIO’s exchange of information with foreign authorities over two years. The first inspection identified an opportunity for ASIO to improve its approach to better manage potential human rights implications of disclosure. However, following the second inspection, the IGIS indicated that it ‘was insufficiently assured that these changes were effective’, and additional measures to improve compliance were to be reviewed in the following reporting period.[157]

2.145IGIS undertook inspection activities in relation to ASIS’s operational files and ministerial submissions, the majority of which were compliant. IGIS did however identify several compliance concerns, which included three occasions where ASIS failed to obtain ministerial authorisation before producing intelligence on Australian persons.[158]

2.146Inspection of ASD activities by IGIS identified three instances of imprecise advice provided in ministerial submissions to the Minister for Defence. While these inaccuracies did not have a material impact on the overall advice or decisions made, they ‘highlighted the need for stringent assurance processes’.[159]

2.147The Committee sought additional information in classified hearings in relation to other compliance matters arising during the reporting period.

Inquiries

2.148In 2020-21 the IGIS undertook one inquiry into a complaint related to ASD under section 8(2) of the IGIS Act.[160] This inquiry was underway at the end of the reporting period, and the outcome will be considered by the Committee further in future reviews of administration and expenditure.

Independent Reviewer of Adverse Security Assessments

2.149ASIO furnishes security assessments of individuals to Commonwealth agencies in accordance with the ASIO Act. A security assessment may be adverse, qualified or non-prejudicial.

2.150The Independent Reviewer of Adverse Security Assessments conducts reviews of ASIO adverse security assessments (ASA) furnished to the Department of Home Affairs on non-citizens who are in immigration detention and have been found by the department to:

• be owed protection obligations under international law; and
• be ineligible for a visa or who have had their permanent protection visa cancelled because they are the subject of an ASA.[161]
  151. The Independent Reviewer performs their functions by examining:
• all information ASIO relied on in making an ASA, as well as any other relevant material, such as submissions or representations made by the subject of an ASA; and
• the overall security environment, which is informed by ASIO’s assessment of security threats and any changes to the circumstances or ideology of the individual subject to an ASA during their time in detention.[162]
  152. ASIO advised that over the reporting period the Independent Reviewer considered five ASAs.[163]
  153. In relation to the five ASA reviews:
• one concluded due to being revised to a Qualified Security Assessment (outside the remit of the Independent Reviewer);
• one was subject to a recommendation that the ASA should be reclassified as a qualified security assessment, and the matter was still under consideration at the conclusion of the reporting period; and
• the three remaining assessments were ongoing at the conclusion of the reporting period.[164]

Public relations

2.154The Committee requested that agencies provide information on public relations and public reporting, including requests for public access to records received.

2.155ASIO noted that its Director-General of Security and Deputy Directors-General are publicly identified ASIO Officers and undertake public outreach through the Director-General of Security’s Annual Threat Assessment, media interviews and engagement, public speeches, and appearances at various parliamentary fora.[165]

2.156In August 2020, ASIO launched the @ASIOGovAu Twitter account, which ASIO advised had increased public engagement and supported the declassification and distribution of information on Twitter through regular #TradecraftTuesday and history posts.[166] Public awareness was a focus of ASIO over the reporting period, and the Director-General launched ASIO’s first public awareness campaign in November 2020, which resulted in a potential audience of more than 9 million people.[167]

2.157Throughout the reporting period ONI undertook public engagement through internal and external communications, media engagements (including speeches by the Director-General of National Intelligence) and senior executive outreach. In addition, ONI noted it had collaborated with the Australian Strategic Policy Institute (ASPI) for the first time on an episode of ASPI’s podcast to discuss careers in the NIC.[168]

2.158ASD outlined that its public engagement took place through collaboration with the private and public sector during the reporting period. This engagement included the Industry Integration Program, the Australian Cyber Security Centre Partnership Program, and numerous campaigns aimed at improving the cyber security posture of governments, private sector organisations, universities, and individuals.[169]

2.159ASD supported public outreach activities through publication of a wide range of online resources, participation at Senate Estimates, media engagement (193 queries answered in the reporting period), and response to public access requests.[170] ASD also reported that the Director-General of ASD and the Head of the Australian Cyber Security Centre made a number of public statements and speeches during the reporting period.[171]

2.160ASIS does not have a formal public relations function and the Director-General of ASIS did not undertake any proactive media engagements in 2020-21.[172] As noted previously, in January 2021 the Minister for Foreign Affairs agreed, pursuant to s. 41b(b)(ii) of the IS Act, to announce the identities of two Deputy Directors-General, which was achieved through publication of this Committee’s report into the Reviews of Administration and Expenditure No. 18 (2018-19) and No. 19 (2019-20).[173]

2.161DIO reported that it did not undertake any media liaison activities or public engagements during the reporting period.[174] In September 2020 DIO published its Defence Economic Trends in the Asia-Pacific 2020 on its website.[175]

2.162AGO reported some public relations activities during 2020-21: it published one media release, responded to one media request, its staff were involved in a small number of public relations events, and participated in industry led conferences.[176]

Requests for access to public records

2.163All agencies examined as part of the Committee’s Administration and Expenditure reviews are exempt from the Freedom of Information Act 1982 (FOI Act), but are subject to the release of records under the Archives Act 1983 (Archives Act), which enables the public to access Commonwealth records during an ‘open period’. Pursuant to section 40 of the Archives Act, any member of the public can request access to government records once they fall within the open period. In accordance with changes to the Archives Act implemented on 1 January 2011, the open period is currently transitioning from 30 years to 20 years. The open period for the end of the reporting period for this report encompasses all records created before 2000.[177]

2.164Most records within the open period are eligible for public access and 98 per cent are wholly released. A very small percentage (less than .25 per cent) of requests are withheld entirely because they consist of exempt information, as defined in section 33 of the Archives Act.[178]

2.165ASIO identified that during the 2020-21 reporting period 537 applications were made for access to its records and 538 requests were completed.[179] This represents a 60 per cent increase in requests compared to the previous reporting period, and 47,913 pages which required assessment.[180] The backlog of applications and volumes, 287 and 1,190 respectively, is consistent with previous years.[181]

2.166ASIS advised that it responds to requests for access to records under the Archives Act. While the number of requests and details regarding the volume of material is classified, ASIS advised that requests for public access to information are increasing and can be challenging and time consuming.[182]

2.167ONI reported a significant increase in Archives Act requests with 124 over the reporting period, an increase from 27 in the previous reporting period.[183]

2.168DIO reported that it received 69 public access requests of which it processed and completed 33 cases during the reporting period.[184]

2.169AGO reported that it received two public access requests through the Classified Records Review Directorate.[185] Although exempt from FOI Act requests, in Parliamentary debates then Minister for Defence committed to Parliament that AGO would apply FOI principles to requests for Australian Hydrographic Office information.[186]

2.170During the reporting period ASD received requests for access to 19 records for 2020-21.[187] ASD also updated the Committee on the outcomes of 19 outstanding requests which dated back to 2018-19.[188] By 30 June 2021 ASD had completed 11 of these requests, and at the time of ASD’s submission it had completed all outstanding requests from previous financial years.[189]

2.171During the reporting period ASD commenced a proactive declassification program, which works to release archived holdings to the public. This is the first program of its kind amongst Australian intelligence agencies.[190]

Committee comment

2.172The Committee has reviewed the administration of six intelligence agencies for the 2020-21 reporting period and is generally satisfied that they are overseeing their administrative functions and administering outcomes and outputs effectively.

2.173The Committee extends its appreciation to the intelligence agencies, the IGIS, ANAO and other submitters for their engagement with this inquiry over an extended period of time. The evidence of these agencies has enhanced the Committee’s understanding of the administration of intelligence agencies and assisted in the fulfilment of its statutory obligations.

2.174Operating in Australia’s national security and intelligence environment necessitates a certain level of secrecy, and the Committee recognises that this results in practical limitations to the information which may be publicly distributed regarding agencies’ administration and expenditure. The Committee is also of the view that this necessary secrecy elevates the importance of the accountability processes undertaken by the IGIS, the ANAO, and parliamentary processes in reviewing the activities of the NIC, such as the oversight role of the Committee.

2.175The appropriate flow of information between oversight bodies is essential to ensuring the effective oversight of the NIC. However, during this review, the Committee formed the view that current legislative provisions for oversight bodies operate as a barrier to information sharing, resulting in circumstances where the Committee can receive more complete information from intelligence agencies than the bodies that oversee them.

2.176It is not a function of the Committee to review operational intelligence matters. However, understanding the outcome of administrative processes that have an operational element can enhance the Committee’s understanding of not only the effective administration and expenditure of intelligence agencies, but also the operation and effectiveness of the intelligence-related bills and Acts the Committee is frequently called upon to consider.

2.177The Committee recognises the importance of its relationship with the Inspector-General of Intelligence and Security. Although the IGIS’s role largely focuses on the operational activities of intelligence agencies, which this Committee cannot examine, IGIS undertakes inquiries, inspections and reviews that have the potential to provide invaluable insight into agencies’ performance. Therefore, it is regrettable that certain barriers prevent the IGIS from providing more detailed information to inform the Committee.

2.178The Committee acknowledges that legislation prevents the IGIS from sharing complete information regarding its inspections and inquiries. The Committee also acknowledges that providing unclassified information on the administration of intelligence agencies serves the public interest, up to a point. However, the Committee is of the view that the barriers to more complete communications between the Committee and oversight bodies is of increasing concern, and limits this Committee’s ability to provide assurance to the Parliament and public that the administration of the agencies is being fully and appropriately examined.

2.179The Committee will explore ways to address these barriers going forward, including through proposing legislative change where required. The Committee looks forward to continuing a productive relationship with the IGIS and other oversight bodies.

2.180The Committee has valued the evidence of the Auditor-General during its inquiry. However,the ANAO noted in its evidence that ‘while there are no barriers to the Auditor-General and ANAO conducting audits in intelligence agencies there are confidentiality requirements impacting the Auditor-General and ANAO communicating the outcome of the results of audit work in certain circumstances’.[191] The Committee considers that the Auditor-General would be more effectively empowered to undertake confidential audits or reviews of matters relating to national intelligence agencies if the outcomes of these were able to be provided to Parliament by submitting classified audit reports to this Committee in lieu of requiring presentation of all reports in full to the House of Representatives and the Senate, which makes the reports public.

2.181In addition, while acknowledging the necessity of confidentiality requirements on ANAO work to avoid impacting the ‘security, defence or international relations of the Commonwealth’,[192] the Committee considers that legislative change to allow the Auditor-General to share classified reporting provided to ministers with this Committee – within the scope of legislative provisions governing the Committee’s access to information – would allow for more robust parliamentary oversight of the administration and expenditure of the intelligence agencies overseen by the Committee. The Committee therefore recommends that the Government amend the Auditor-General Act 1997 and the Intelligence Services Act 2001, where necessary, to facilitate both appropriate auditing of NIC agencies and the provision of classified reports to Parliament via the Committee.

The Committee recommends the Australian Government amend the Auditor General Act 1997 and the Intelligence Services Act 2001, as necessary, to enable the Auditor-General to:

• undertake audits on matters related to National Intelligence Community agencies where the Auditor-General regards this as appropriate; providing that classified reports of such audits are to be presented to Parliament via submission to the Parliamentary Joint Committee on Intelligence and Security, and are exempt from presentation to the House of Representatives and Senate (to the extent they contain classified material); and
• provide the Parliamentary Joint Committee on Intelligence and Security with copies of classified ANAO reports provided to relevant ministers relating to the agencies under the Committee’s oversight, where the Auditor-General regards this as appropriate, and subject to the relevant provisions of the Intelligence Services Act 2001 governing the provision of information to the Committee.
  182. The Committee notes that the requirement for intelligence agencies to provide reporting to the Committee’s administration and expenditure reviews can duplicate reporting requirements set out in other legislation, such as the PGPA Act. While the Committee considers that the provision of classified annual reports would not replace the requirement for intelligence agencies to prepare submissions for these annual reviews, the Committee is of the view that receiving classified annual reports may aid in the Committee’s understanding of the administration and expenditure of intelligence agencies, while also potentially reducing the administrative burden on the agencies over time.
  183. Therefore, the Committee recommends that the intelligence agencies subject to its annual review of administration and expenditure be authorised to provide the Committee with their classified annual reports.

The Committee recommends the Australian Government amend legislation to enable classified annual reports of intelligence agencies subject to review of Administration and Expenditure under the Intelligence Services Act 2001 to be provided to the Parliamentary Joint Committee on Intelligence and Security.

2.184Increasing separation rates was an area of interest for the Committee during its inquiry. The Committee notes that the recruitment environment has become increasingly competitive, which may have contributed to the increase in separation rates reported by intelligence agencies. The Committee also notes that these challenges are unlikely to be unique to the intelligence agencies that submitted to the inquiry, and may well be experienced elsewhere across the NIC.

2.185The Committee considers that understanding where staff choose to move to, and the frequency with which staff exiting the NIC return to work in the intelligence community, could better position intelligence agencies to respond to challenges in staff retention. Through this, agencies may become better informed as to the value-proposition they need to offer staff, as part of both recruitment and retention strategies. Therefore, the Committee recommends that ONI, as the body responsible for enterprise management in the NIC, work with intelligence agencies to develop consistency in data collection on staff movements and develop a whole-of-NIC strategy to improve attraction and retention.

The Committee recommends that the Office of National Intelligence work with the National Intelligence Community (NIC) to develop consistent data collection on staff movement and staff retention, and work to develop a whole-of-NIC strategy to improve attraction and retention.

The Committee recommends that the Office of National Intelligence update the Committee in 12 months on its progress in this area.

Footnotes

[1]Details of all inquiries undertaken during the relevant period of the 46th Parliament are available on the Committee’s website at www.aph.gov.au/pjcis.

[2]ASIO, Submission 6, p. 83.

[3]ASIO, Submission 6, p. 83.

[4]ASIO, Submission 6, p. 83.

[5]ASIO, Submission 6, p. 83.

[6]ASIO, Submission 6, pp. 85-86.

[7]ASD, Submission 8, p. 10.

[8]ASD, Submission 8, p. 10.

[9]ONI, Submission 4.1, p. 10.

[10]Department of Defence (DIO), Submission 9, p. 9.

[11]Department of Defence (AGO), Submission 9, p. 13.

[12]ASIS, Submission 7, pp. 19-20.

[13]ASIO, Submission 6, pp. 88-89.

[14]ASIO, Annual Report 2020-21, p. 77.

[15]ASIO, Submission 6, pp. 91-92.

[16]ASIS, Submission 7, p. 20.

[17]ONI, Submission 4.1, p. 10.

[18]ASIO, Submission 6, p. 115.

[19]ASIO, Submission 6, pp. 105-106.

[20]ASIO, Corporate Plan 2020-24, p. 3.

[21]ASIO, Corporate Plan 2020-24, p. 3.

[22]ASIS, Submission 7, pp. 8-9.

[23]ASIS, Submission 7, p. 8.

[24]ONI, Submission 4.1, p. 6.

[25]ASD, Submission 8, p. 3.

[26]ASD, Submission 8, p. 1.

[27]ASD, Submission 8, p. 3.

[28]Department of Defence (DIO), Submission 9, p. 2.

[29]Department of Defence (AGO), Submission 9, p. 6.

[30]Department of Defence (DIG), Submission 9, p. 2.

[31]Cyber Security Cooperative Research Centre, Our Board, cybersecuritycrc.org.au/stephen-merchant, accessed 30 January 2023.

[32]Department of Defence, Submission 9, para. 7.

[33]ASIO, Submission 6, p. 40.

[34]ASIO, Submission 9.1, p. 41.

[35]Parliamentary Joint Committee on Intelligence and Security (PJCIS), Review of Administration and Expenditure No. 18 (2018-19) and No. 19 (2019-20) – Australian Intelligence Agencies, October 2021, p. 23.

[36]ONI, Submission 4.1, p. 11.

[37]PJCIS, Review of Administration and Expenditure No. 18 (2018-19) and No. 19 (2019-20) – Australian Intelligence Agencies, October 2021, p. 23.

[38]ONI, Submission 4.1, p. 11.

[39]ASD, Annual Report 2020-21, p. 99.

[40]ASD, Annual Report 2020-21, p. 104.

[41]Department of Defence (DIO), Submission 9, p. 10.

[42]Department of Defence (AGO), Submission 9, p. 14.

[43]ASIO, Submission 6, p. 45.

[44]ASIO, Submission 6, p. 45.

[45]ASIO, Submission 6, p. 45

[46]ASIO, Submission 6, p. 44.

[47]ASIO, Submission 6, p. 44. In 2019-2020, ASIO spent $313,025 on marketing.

[48]ASIO, Submission 6, p. 49.

[49]ASIO, Submission 6, p. 49.

[50]ASD, Submission 8, p. 26.

[51]ASD, Submission 8, p. 27.

[52]ASD, Submission 8, p. 26.

[53]ONI, Submission 4.1, p. 11.

[54]ONI, Submission 4.1, p. 11.

[55]Department of Defence (DIO), Submission 9, p. 10.

[56]Department of Defence (AGO), Submission 9, p. 24.

[57]ASIS, Submission 7, p. 33.

[58]ASIO, Submission 6, p. 48.

[59]ONI, Submission 4.1, p. 11.

[60]ASD, Submission 8, p. 30.

[61]ASD, Submission 8, p. 31.

[62]PJCIS, Committee Hansard, Canberra, 15 November 2022, p. 28.

[63]Department of Defence (DIO), Submission 9, p. 11.

[64]Department of Defence (AGO), Submission 9, p. 29.

[65]ASIS, Submission 7, p. 30.

[66]ASIO, Submission 6, p. 50-55.

[67]ASIO, Submission 6, p. 51.

[68]ASIO, Submission 6, p. 52.

[69]ASIO, Submission 6, p. 52.

[70]ONI, Submission 4.1, pp. 12-13.

[71]ASIS, Submission 7, pp. 35-36 and 86-90.

[72]ASD, Submission 8, pp. 32-33.

[73]ASD, Submission 8, pp. 26-35.

[74]Department of Defence (AGO), Submission 9, pp. 34-36; Department of Defence (DIO), Submission 9, pp. 17-17.

[75]ASIO, Annual Report 2020-21, p. 79.

[76]ONI, Submission 4.1, p. 13.

[77]ASIS, Submission 7, p. 32.

[78]ASD, Submission 8, p. 40.

[79]ASD, Submission 8, p. 40.

[80]Department of Defence (DIO), Submission 9, p. 18.

[81]PJCIS, Reviews of Administration and Expenditure: No. 18 (2018-2019) and No. 19 (2019-2020) – Australian Intelligence Agencies, October 2021, p. 29.

[82]Department of Defence (DIO), Submission 9, p. 18.

[83]ASIO, Submission 6, p. 42.

[84]PJCIS, Reviews of Administration and Expenditure No. 18 (2018-19) and No. 19 (2019-20) – Australian Intelligence Agencies, pp. 29-30.

[85]ASIO, Submission 6, p. 42.

[86]ASIO, Annual Report 2020-21, p. 138.

[87]ONI, Submission 4.1, p. 11.

[88]ONI, Submission 4.1, p. 12.

[89]ONI, Submission 4.1, p. 12.

[90]ASD, Annual Report 2020-21, p. 99; ASD, Submission 8, p. 21.

[91]ASD, Annual Report 2020-21, p. 99.

[92]ASD, Annual Report 2019-20, p. 101.

[93]ASD, Annual Report 2020-21, p. 105.

[94]ASD, Submission 8, p. 25.

[95]Department of Defence (DIO), Submission 9.1, p. 15.

[96]Department of Defence (DIO), Submission 9.1, p. 14.

[97]Department of Defence (AGO), Submission 9, p. 15.

[98]Department of Defence (AGO), Submission 9, p. 17, 25.

[99]Department of Defence (AGO), Submission 9, pp. 32-33.

[100]ASIO, Submission 6, p. 58.

[101]ASIO, Submission 6, p. 61.

[102]ASIO, Submission 6, p. 61.

[103]ASIO, Submission 6, p. 61.

[104]ASIO, Submission 6, p. 61.

[105]ASIO, Submission 6, p. 61.

[106]ASIO, Submission 6, p. 61.

[107]ASD, Submission 8, p. 42.

[108]ONI, Submission 4.1, p. 13

[109]ONI, Submission 4.1, p. 21.

[110]Department of Defence (DIO), Submission 9.1, pp. 18-19.

[111]Department of Defence (AGO), Submission 9, pp. 39-40.

[112]See also IGIS, Annual Report 2020-21, October 2021, pp. 61-64

[113]ASIS, Life at ASIS: Benefits, www.asis.gov.au/Life-At-ASIS/Benefits, accessed 13 July 2023.

[114]IGIS, Annual Report, www.igis.gov.au/about/annual-report.

[115]IGIS, Annual Report 2020-21, p. 61.

[116]IGIS, Annual Report 2020-21, p. 61.

[117]IGIS, Annual Report 2020-21, p. 62; IGIS, Submission 10, p. 16.

[118]IGIS, Annual Report 2020-21, p. 63.

[119]IGIS, Annual Report 2020-21, pp. 61-63.

[120]IGIS, Annual Report 2020-21, p. 63.

[121]IGIS, Annual Report 2020-21, p. 63.

[122]IGIS, Annual Report 2019-20, p. 63; IGIS, Submission 10, p. 16.

[123]IGIS, Annual Report 2020-21, p. 64.

[124]ASIS, Submission 7, p. 41; ONI, Submission 4.1, p. 13.

[125]Department of Defence (DIO), Submission 9.1, p. 19.

[126]Department of Defence (AGO), Submission 9, p. 38.

[127]ASIO, Submission 6, p. 56

[128]ASD, Submission 8, p. 46

[129]ASD, Submission 8, p. 46.

[130]PJCIS, Committee Hansard, Canberra, 14 & 15 November 2022.

[131]ASIS, Submission 7, pp. 37-38; ONI, Submission 4.1, p. 15; ASIO, Submission 6, p. 75.

[132]ONI, Submission 4.1, p. 15.

[133]ASIO, Submission 6, p, 75.

[134]ASIO, Submission 6, p, 75.

[135]ANAO, Auditor-General Report No. 2 of 2021-22, p. 35.

[136]ANAO, Auditor-General Report No. 2 of 2021-22, p. 37.

[137]Auditor-General Act 1997, Part 4, Division 2, Section 17.

[138]Auditor-General Act 1997, Part 5, Division 2, Section 37(2-3).

[139]Auditor-General Act 1997, Part 5, Division 2, Section 37(5).

[140]Auditor-General Act 1997, Part 3, Sections 8 and 10.

[141]Intelligence Services Act 2001, s 8.

[142]ASIS, Submission 7, p. 22; Department of Defence (AGO), Submission 9, pp. 11-12; ASD, Submission 8, pp. 9-10.

[143]ASIS, Submission 7, pp. 22-23.

[144]ONI, Submission 4.1, pp. 17-18.

[145]ONI, Submission 4.1, pp. 17-18.

[146]ASIO, Submission 6, p. 19-21, ASIO, Annual Report 2020-21, p. 34.

[147]ASIO, Submission 6, p. 19.

[148]ASD, Submission 8, p. 63.

[149]ASIS, Submission 7, pp. 17-19.

[150]Department of Defence (DIO), Submission 9, pp. 8-9.

[151]Department of Defence (AGO), Submission 9, pp. 11-12.

[152]IGIS, Annual Report 2020-21, October 2021, p. 2.

[153]IGIS, Submission 10, p. 19. The functions of the Inspector-General are prescribed under sections 8, 9 and 9A of the Inspector-General of Intelligence and Security Act 1986.

[154]IGIS, Submission 10, p. 19.

[155]IGIS, Submission 10, p. 19.

[156]IGIS, Submission 10, pp. 4-6.

[157]IGIS, Submission 10, pp. 5.

[158]IGIS, Submission 10, pp. 7-8.

[159]IGIS, Submission 10, p. 9; PJCIS, Committee Hansard, Canberra, 14 November 2022, p. 50.

[160]IGIS, Submission 10, p. 9.

[161]ASIO, Submission 6, p. 77.

[162]ASIO, Annual Report 2020-21, p. 145.

[163]ASIO, Annual Report 2020-21, p. 145.

[164]ASIO, Annual Report 2020-21, pp. 145-146.

[165]ASIO, Submission 6, p. 99.

[166]ASIO, Submission 6, p. 100.

[167]ASIO, Submission 6, p. 100.

[168]ONI, Submission 4.1, p. 21.

[169]ASD, Submission 8, pp. 56-59.

[170]ASD, Submission 8, pp. 60-61.

[171]ASD, Submission 8, pp. 60-61.

[172]ASIS, Submission 7, p. 21.

[173]ASIS, Submission 7, p. 21.

[174]Department of Defence (DIO), Submission 9, p. 22.

[175]Department of Defence, Defence Economic Trends in the Asia-Pacific, September 2020.

[176]Department of Defence (AGO), Submission 9, p. 46.

[177]National Archives of Australia (NAA), Access to records under the Archives Act, www.naa.gov.au/help-your-research/using-collection/access-records-under-archives-act, accessed 20 December 2022.

[178]NAA, Access to records under the Archives Act.

[179]ASIO, Submission 6, p. 103.

[180]ASIO, Submission 6, p. 103.

[181]ASIO, Submission 6, p. 103.

[182]ASIS, Submission 7, pp. 21-22.

[183]ONI, Submission 4.1, p. 22.

[184]Department of Defence (DIO), Submission 9, p. 22.

[185]Department of Defence (AGO), Submission 9, p. 46.

[186]Department of Defence (AGO), Submission 9, p. 46.

[187]ASD, Submission 8, p. 60.

[188]ASD, Submission 8, p. 60.

[189]ASD, Submission 8, p. 60.

[190]ASD, Submission 8, pp. 61-62.

[191]See section 37 of the Auditor-General Act 1997; ANAO, Submission 2.1, p. 2.

[192]Auditor-General Act 1997, s. 37.