The Australian Bureau of Statistics (ABS) has a little over four months to complete preparations for the 2021 Census, and hopes it will avoid the embarrassment that plagued the agency nearly five years ago.
The change of approach is expected to counter any repeats of what occurred in 2016, when the ABS experienced a series of small denial-of-service (DDoS) attacks, suffered a hardware router failure, and baulked at a false positive report of data being exfiltrated which resulted in the Census website being shut down and citizens unable to complete their online submissions.
The Census was run on on-premises infrastructure procured from tech giant IBM.
Facing Senate Estimates on Wednesday night, Deputy Australian statistician Teresa Dickinson said preparations for the next Census are well advanced.
"Census day is the 10th of August, and we are on track. In our metrics, where we measure progress against the Census, many of the sub programs of work are 'green', there are a few that remain 'amber', and the reason is that we still have some testing and defect remediation to do on our technical work," Dickinson said. "But we are on track to do that, by the time the form goes live."
In response to the omnishambles that was the 2016 Census, there have been three reviews that made 36 recommendations, 29 of which were directed at the ABS and agreed upon. There was also a report prepared by the Australian National Audit Office (ANAO).
"We had a number of reviews ... which made quite a number of recommendations. All those recommendations have been actioned," Dickinson said. "And as part of actioning those recommendations, we've done a great deal around cybersecurity."
She said the ABS has worked very closely with cybersecurity experts in building the completely new system. Further funding, she disclosed, was provided to the Bureau largely to "mitigate cybersecurity risk".
ANAO in November labelled the preparation for the 2021 Census by the ABS as "partly effective".
It said generally appropriate frameworks have been established to cover the Census IT systems and data handling, and the procurement of IT suppliers, but that the ABS has not put in place arrangements for ensuring improvements to its architecture framework, change management processes, and cybersecurity measures will be implemented ahead of the 2021 Census.
"The ABS has been partly effective in addressing key Census risks, implementing past Census recommendations, and ensuring timely delivery of the 2021 Census," the auditor added. "Further management attention is required on the implementation and assessment of risk controls."
Additionally, Dickinson confirmed it has over 50 suppliers and partners working on the Census.