Management of resources

All public sector agencies use publicly-owned resources to enable their employees to do their jobs. Poor management of these assets can undermine the integrity and operational efficiency of public agencies. It can also provide opportunities for corrupt conduct.

Opportunities for the misuse of public resources arise most often for routine use of low-value resources such as office supplies, stationery, tools and equipment but they can also affect large-scale or high value assets.

The NSW Treasury Total Asset Management (TAM) Policy "applies to all government departments, state authorities, trusts and other government entities".  This policy was introduced to achieve better planning and management of the State's physical assets, both existing and planned.

Physical assets are items such as land, buildings, information technology, infrastructure, collections, equipment or fleet, owned or controlled by an agency as a result of past transactions or events, providing future economic benefits and having a definite business function or supporting the delivery of services.

The TAM Manual advises that agencies should apply and document a risk management process "whenever a significant decision has to be taken" including when they "set strategic directions; develop and evaluate programs and projects; and enter into contracts with the private sector".

The improper management of resources can constitute corrupt conduct as defined by the Independent Commission Against Corruption Act 1988.

Corruption risks

A risk assessment of the management of resources in a public sector agency is likely to identify some or all of the following corruption risks:

  • An employee regularly taking resources home for their own use, or to sell for personal benefit.
  • An employee deliberately over-ordering resources with the intention of misusing the surplus goods.
  • An employee stealing money from cash takings.
  • An employee colluding with a client to submit false or inflated invoices.
  • An employee destroying or distorting records to hide the misuse of resources.
  • An employee manipulating weak or inadequate log-in procedures for personal benefit. 
  • An employee misusing agency resources for secondary employment.
  • An employee failing to return company property upon ceasing employment.
  • An employee stealing a valuable item.

Managing corruption risks

As a minimum your agency should:

  • Introduce policy and procedures for the management of resources that contain the elements listed in the Policy Development Guide and Checklist (see Tips and tools below).
  • Include in the policy sanctions for any breach of the policy and procedures. 
  • Record which resources are available to be used by which employees and why.
  • Review the policy every two years.
  • Refer to the responsible use of resources in related corporate documents such as codes of conduct and secondary employment policies.
  • Develop policies and procedures about the use of specific types of resources such as vehicles or communications devices.
  • Train all relevant employees in the policy and procedures so they know what they are accountable for.
  • Include the loss of resources as a risk to be assessed in the agency's internal audit cycle and corruption risk management processes.

Risk management strategies

Following your risk assessment of the management of resources you should consider these risk management strategies:

  • Maintaining asset management systems that include asset registers and inventories of resources so that any losses can be easily identified.
  • Keeping records that show when resources are allocated to employees and returned.
  • Establishing a procedure to make sure that employees return resources when they leave the agency or no longer require the resource for their duties.
  • Conducting regular valuations and stocktakes of assets and regular reconciliations of cash resources to identify irregularities.
  • Securing all resources using methods commensurate with their value to reduce the likelihood of theft.
  • Securing hard and soft copies of sensitive and confidential asset records with limited access to storage units/computer codes in which they are stored.
  • Establishing a procedure for handling cash to reduce the risk of theft.
  • Segregating duties in the management of resources so that individuals are not responsible for approving their own usage or purchasing of public resources. 
  • Regularly reviewing records kept for the purchase, disposal and valuation of resources to identify irregularities.
  • Regularly auditing the use of resources, for example checking vehicle log books against fuel use, to identify irregularities.
  • Reviewing the records kept of resources that are misused or stolen to help determine the risks to the agency and the risk management strategies required.

Case studies

 Case study 1: Inadequate asset management system
In 2003, an ICAC investigation found that an employee of a major natural history museum had stolen dozens of specimens from the museum's collections. The investigation found that the employee had the opportunity to steal the specimens because of the poor systems and policies in place in the museum. These included that:
  • The museum's collections policy appeared to have been somewhat uncoordinated and incomplete during the period. There was a number of general and individual collection policies and some collections were not covered by any policy.
  • Specimens were left for considerable periods of time unsecured in employees' offices before being returned to their correct storage place. In addition, at least some offices could be accessed by the general employees' key, which meant they were difficult for staff to secure.
  • The museum had security guards, however it appears that their focus was on risks from outside the museum, such as visitors or intruders. They did not look for risks from inside the museum, such as from employees.
  • The museum's mailroom was not secured.
  • There was no clear policy or security provision preventing employees from bringing friends into the non-exhibit areas of the museum.
  • The employee was not closely supervised.
  • Procedures for conducting and recording inventories of collections were inconsistent, making discrepancies harder to detect.
 Case study 2: Poor asset records

A number of items of computer equipment had been removed, and apparently stolen, from a council's information technology (IT) area. An audit of the assets database found that the records concerning the purchase of this equipment had been deleted. The limited employee access to this database indicated that the equipment had been stolen by someone working in the IT area, who had then attempted to cover up the theft by deleting the purchase records. The council interviewed employees but was unable to identify the person responsible.  

After conducting a risk assessment, the council implemented corruption prevention measures to strengthen systems in the IT area. These included improved documentation and procedures regarding the purchase of new equipment, and disposal of obsolete equipment, and improved procedures in the storage, access and internal transfer, of this equipment. The council also reported the matter to the Police.

 Case study 3: Process vulnerable to fraud
During an audit of its meal voucher system an agency found discrepancies in the distribution and approval of the vouchers within a particular unit. An investigation found that an employee within the unit had taken meal vouchers on several occasions without permission, and had signed her manager's name in an apparent attempt to conceal her conduct. The agency reviewed the process for obtaining and issuing meal vouchers and instituted changes including keeping the vouchers locked up and restricting access

Frequently asked questions

Should my agency spend a lot of effort managing low value items?

It can be more economical to concentrate on managing more valuable assets. However, low-value items can be misused or stolen more easily or in larger amounts than higher value ones. An accumulation of small losses over a long period can still be significant. 

Another reason to control the risk of low-value resources being misused is that this kind of misuse can create a perception that any assets can be stolen or misused.  If employees and others believe that misuse is easy, or even tolerated, over time a culture of misuse can become entrenched and difficult to change. 

A risk assessment can tell you the size and consequence of the loss posed by each type of risk so you can determine how much work should go into managing it. 

Can there be too much control of an agency's resources?

The risks of misuse and theft of resources must be balanced with the need to have resources available for legitimate use. If controls are onerous people may try to avoid or circumvent them. A useful approach is to link access to resources to the positions that need to use them. Stationery needed for day-to-day work, such as pens and paper, could be available to staff to use as needed, while only certain people, such as IT staff, might have access to printer cartridges and will be responsible for replacing these as needed.

My work area is going to merge with another that uses similar, but not identical, resources.  Is this the kind of "significant decision" referred to in the TAM Manual?

A merger is a good time to review operational risks and introduce risk management strategies. Opportunities for corruption often arise when workplace functions are transferred or restructured because management controls can become obsolete or leave some work functions exposed. The merger process should include a stocktake of all resources and a risk assessment to estimate possible misuse in the new organisational structure.

How much risk should be accepted in the management of resources? 

Accurate records of the resources commonly provided are still necessary as an audit measure. They can also be used to detect misuse; for example, a significant increase in the use of printing paper, without any apparent operational explanation for this increase, could indicate theft.   


Other publications

  • Asset Management Planning for NSW Local Government, Position Paper, NSW Department of Local Government 2006
  • Inappropriate use of council resources, Circular 06-64, NSW Department of Local Government, 2006
  • Model Code of Conduct for NSW public agencies, Sydney, 1997
  • Personnel Handbook, NSW Department of Premier and Cabinet Sydney, September, 2005
  • Policy and Guidelines for the use by staff of communication devices, NSW Department of Premier and Cabinet, Sydney, January, 1999
  • Scrap and low-value asset disposal - a best practice checklist, Crime and Misconduct Commission (Qld), March 2002
  • The Model Code of Conduct for Local Councils in NSW, NSW Department of Local Government

NOTE: Publications on Total Asset Management can be found at NSW Treasury ( and NSW Government Asset Management Committee (


Relevant ICAC investigations

Relevant websites

Related topics on the ICAC website