Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

Privacy for agencies

Information Matching (Compliance) Auditing

Part 10 of the Privacy Act regulates the operation of government information matching so as to minimise the privacy risks and maintain public confidence in the fair handling of data. It places a special responsibility upon the Privacy Commissioner to oversee compliance with the controls in Part 10.

In response to the growth and changing nature of authorised information matching programmes, the compliance audit approach to reporting has been developed. The audit approach assesses compliance with the Privacy Act information matching controls in two parts.

The first, called the documentation audit, looks at departmental documentation, policies, codes of practice and guidelines. The second, called the process audit, focuses upon the agency management and staff involved in operating the programme.

The information matching compliance team at the Office of the Privacy Commissioner welcome any feedback that enables the audit approach to be further enhanced.

View the most current Information Matching Compliance Auditing Information Pack here.