The GOVERN Function establishes and nurtures a culture of AI risk management… defining structures, policies, and accountability mechanisms across the AI lifecycle.
The AI Maturity Framework supports this need by offering a comprehensive, systematic approach to assessing an organisation’s readiness for AI.
AI governance is not a single function, discipline or technology… organizations often use AI governance vendors to augment work that they cannot do on their own or provide an external perspective.
A structured profile mapping risk management practices for agentic AI systems, aligning lifecycle controls, governance mechanisms, and technical safeguards with emerging standards and real-world deployment risks.
GenAI is arriving in boardrooms… compresses decision cycles… but also introduces risks — hallucinations, prompt-injection attacks, opaque reasoning… that can threaten the reliability of operations.
MCP servers act as bridges between AI assistants and external tools… any security gap could allow attackers to manipulate those AI assistants, steal sensitive information, or compromise downstream systems.
This issue highlights the newest and best in AI governance — the ideas shaping oversight, risk, and policy today. Future editions will explore new lenses: practical tools, policy guides, and training resources. Each one will bring a fresh perspective — and your voice is welcome.
This issue highlights the newest and best in AI governance — the ideas shaping oversight, risk, and policy today. Future editions will explore new lenses: practical tools, policy guides, and training resources. Each one will bring a fresh perspective — and your voice is welcome.
This issue highlights the newest and best in AI governance — the ideas shaping oversight, risk, and policy today. Future editions will explore new lenses: practical tools, policy guides, and training resources. Each one will bring a fresh perspective — and your voice is welcome.
“Set up the required accountability processes to guide your organisation’s safe and responsible use of AI…” (Guardrail 1), alongside a practical, board-facing framing of risk, compliance, and culture change.
Frontier AI companies already use their best models to help build better ones. This workshop report maps competing “automation trajectories,” proposes indicators to track, and sketches policy options—especially transparency—to reduce strategic surprise.
The standard consists of 10 voluntary guardrails that apply to all organisations throughout the AI supply chain… helping organisations to benefit from AI while mitigating and managing the risks.
A practical, policy-oriented guide explaining why AS ISO/IEC 42001:2023 matters, how AI management system standards work, and how certification can support trustworthy, responsible AI adoption across Australian organisations.
This white paper proposes a probabilistic, evidence-based approach to defining AI cyber risk thresholds, arguing that current capability-based thresholds are insufficient and introducing Bayesian networks as a tool for operationalizing uncertainty in AI-enabled cyber threats.
“Organizations with established AI governance are accelerating adoption with confidence, while the rest are moving quickly but without the structures needed to manage emerging risk.”
A mandatory, lifecycle-based self-assessment framework guiding NSW Government agencies in the safe, ethical, and responsible design, deployment, and use of AI systems, with a strong focus on elevated-risk and generative AI use cases.
This issue brief analyzes over 200 real-world AI incidents to identify six recurring mechanisms through which AI systems cause harm, showing that failures often emerge from governance, context, and human–AI interaction rather than model capability alone.
“An ability of individuals, organisations, and systems to perform AI regulatory functions effectively, efficiently, and sustainably across the lifecycle, to achieve defined strategic and policy objectives for AI regulation.”
A vendor-neutral AI security and governance framework translating AI risk principles into actionable controls across the GenAI lifecycle, aligned with ISO/IEC 42001, NIST AI RMF, and the EU AI Act.
“The year 2025 marked the definitive end of the ‘AI ethics debate era’ and the beginning of the ‘AI governance execution era.’ Abstract principles collided with concrete legislation, litigation, and boardroom accountability.”
“Say you are unconstrained by money, and can get all the talent in the world – what are the top interventions that will have a substantial impact over the next two years?”
“Financial supervision therefore serves as the practical enforcement mechanism of financial regulation, ensuring that policies translate into effective oversight and resilient financial markets.”
“AI is already reshaping our polity, our economy, our security and even our society. AI is writing the code for humanity in this century.”
“Traditional Third-Party Risk Management programs face an unprecedented challenge: AI-powered systems introduce entirely new categories of risk that extend far beyond conventional cybersecurity concerns.”
Curated Library of AI Governance Resources
