Privacy Policy

Q: How long does an AI governance assessment take?

The assessment process involves five stages: governance review, policy alignment, independent assessment, maturity determination, and governance uplift roadmap. Timeline varies based on organisation size, AI complexity, and current governance maturity.

Q: What assessment level do I need?

Choose Early Stage assessment for initial or pilot AI use, Operational assessment for AI in production, or Full Governance assessment for high-risk or regulated AI deployments. An initial consultation can help determine the appropriate level.

About AI Governance Council Australia

AI Governance Council Australia (AIGC) provides independent AI governance readiness assessment and governance risk and control review for Australian organisations. We help reduce AI risk, protect boards and executives, and meet Australia's evolving AI governance expectations.

Our Mission

To establish trusted, independent standards for responsible AI deployment in Australia, protecting organisations and the public from AI-related harms while enabling innovation.

Why AI Governance Matters

Board and Executive Liability: Directors face increasing personal exposure for AI decisions
Procurement Requirements: Major contracts now require evidence of AI governance
Insurance and Risk Transfer: Insurers are scrutinising AI practices in underwriting
Regulatory Trajectory: Australian regulation is intensifying across sectors

Our Services

AI Governance Assessment

Comprehensive independent assessment of your AI systems, policies, and risk management practices. We identify legal, ethical, and operational risks before they become problems. Our assessment includes technical review, policy analysis, risk identification, gap analysis, and a detailed remediation roadmap.

Governance Readiness - Early Stage

Foundational governance readiness assessment for organisations with early stage or pilot AI use. Demonstrates your commitment to responsible AI development from the start. Includes governance framework review and basic policy assessment.

Governance Readiness - Operational

For organisations with AI in production. Confirms active governance controls, monitoring processes, and risk management procedures are in place. Includes comprehensive system assessment, operational review, and ongoing monitoring requirements.

Governance Maturity Evaluation - Full Governance

Comprehensive governance maturity evaluation for organisations with high-risk or regulated AI use. Provides maximum assurance and oversight for critical sectors including healthcare, financial services, and government. Includes complete governance audit, ongoing oversight, and annual reassessment.

Our Role

We provide independent assessment and governance risk identification. Implementation remains the responsibility of the organisation or its advisors.

Assessment Levels

Our three-tier assessment framework matches your organisation's AI maturity and risk profile:

Level 1: Early Stage

For organisations with early stage or pilot AI use. Scope: Basic governance framework, foundational policies. Requirements: Board awareness, documented policies, basic risk assessment. Timeline: 4-6 weeks. Cost: $8,500 + GST.

Level 2: Operational

For organisations with AI in production. Scope: Active governance controls, monitoring processes. Requirements: Operational policies, risk management procedures, incident response. Timeline: 6-8 weeks. Cost: $15,000 + GST.

Level 3: Full Governance

For high-risk or regulated AI deployments. Scope: Comprehensive governance, ongoing oversight. Requirements: Complete governance framework, board oversight, continuous monitoring. Timeline: 8-12 weeks. Cost: Custom pricing.

Our Methodology

Our AI governance assessment methodology is built on five core principles: independence, evidence-based assessment, risk-based approach, Australian context, and practical implementation. We assess across six governance domains: strategy and accountability, risk management, data governance, model governance, transparency and explainability, and monitoring and review.

Governance Framework

Our governance framework is designed for Australian organisations deploying AI systems. It provides structured guidance across all critical governance domains while remaining flexible enough to adapt to your specific context.

Framework Components

Governance Structure: Board oversight, executive accountability, governance committees
Risk Management: Risk assessment processes, mitigation strategies, incident response
Data Governance: Data quality, privacy protection, security controls
Model Governance: Development standards, validation processes, change management
Operational Controls: Monitoring systems, performance metrics, audit trails
Transparency: Documentation standards, explainability requirements, stakeholder communication

Ethics and Independence

Independence is fundamental to our assessment process. We maintain strict separation from consulting services, technology vendors, and commercial interests that could compromise our assessments.

Our Independence Commitments

No commercial relationships with assessed organisations beyond the assessment engagement
Assessors have no financial interest in assessment outcomes
Transparent methodology available for public review
Regular external audits of our assessment processes
Clear complaints and appeals procedures

Priority Sectors

We focus on sectors where AI risk exposure and regulatory scrutiny are highest:

Healthcare

AI in diagnostics, treatment planning, and patient care requires rigorous governance to protect patient safety and meet regulatory requirements.

Financial Services

AI in lending, fraud detection, and investment decisions faces intense regulatory scrutiny and poses significant liability risks.

Government

AI in public services, law enforcement, and decision-making must balance efficiency with fairness, transparency, and accountability.

Resources

We provide comprehensive resources to help Australian organisations understand and implement AI governance:

Australian Government AI Ethics Principles
NIST AI Risk Management Framework
EU AI Act Overview
ISO/IEC AI Standards
Industry-specific AI guidance
AI governance templates and checklists

Frequently Asked Questions

What is an AI governance readiness assessment?

An AI governance readiness assessment is an independent evaluation process that confirms an organisation has implemented appropriate policies, controls, and accountability structures for responsible AI deployment.

Why do organisations need AI governance?

AI governance helps organisations reduce board and executive liability, meet procurement requirements, manage insurance exposure, protect reputation, and address increasing regulatory scrutiny.

What are the risks of not implementing AI governance?

Without proper AI governance, organisations face board and executive liability, procurement rejection, increased insurance costs, reputational damage, and regulatory enforcement action.

How long does an AI governance assessment take?

Timeline varies based on assessment level: Early Stage (4-6 weeks), Operational (6-8 weeks), Full Governance (8-12 weeks).

What assessment level do I need?

Choose Early Stage for initial AI use, Operational for AI in production, or Full Governance for high-risk AI deployments.

Is AIGC government-affiliated?

No, we are an independent organisation. While we align with Australian Government AI guidance, we maintain complete independence.

Contact Information

Request an AI risk assessment or executive briefing. We respond to all enquiries within 24 hours.

Email: info@aigcaustralia.com.au

Location: Australia

Available for: AI governance assessments, governance risk and control reviews, executive briefings, speaking engagements

Last updated: January 2026

1. Introduction

AI Governance Council Australia is a trading name of FIMALU Pty Ltd (ABN 46 674 338 839). We are committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you interact with our services.

Legal Entity:
FIMALU Pty Ltd
trading as AI Governance Council Australia
ABN 46 674 338 839

FIMALU Pty Ltd is responsible for compliance with this Privacy Policy.

2. Information We Collect

We may collect the following types of personal information:

Contact information (name, email address, phone number, business address)
Professional information (job title, organisation name, industry sector)
Communication records (correspondence, enquiries, feedback)
Assessment-related information provided during governance reviews
Information relating to governance documentation provided during assessments, which may include internal policy documents and organisational controls
Website usage data (IP address, browser type, pages visited)
Newsletter subscription preferences

3. How We Collect Information

We collect personal information through:

Direct interactions when you contact us, submit enquiries, or engage our services
Our website when you complete forms, subscribe to newsletters, or browse our pages
Assessment processes when organisations provide documentation and information for review
Professional networking and industry events
Third parties such as referrals from professional contacts

Assessment documentation provided during governance reviews may contain commercially sensitive or confidential business information. Such information is treated as confidential and is not disclosed except as required by law or with express authorisation.

4. How We Use Your Information

We use your personal information to:

Provide AI governance assessment services
Respond to your enquiries and communicate with you
Send newsletters and updates about AI governance (where you have consented)
Improve our services and website functionality
Comply with legal and regulatory obligations
Maintain records for audit and quality assurance purposes

5. Disclosure of Information

We do not sell, rent, or trade your personal information. We may disclose your information to trusted service providers who assist us in operating our business (such as IT support and email services), professional advisers (legal, accounting), regulatory authorities when required by law, and with your consent for specific purposes such as publishing assessment outcomes.

Assessment status may be published in AIGC's public assessment register where applicable.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure servers, access controls, and regular security assessments. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

Personal information is stored on secure cloud infrastructure located in Australia or in jurisdictions with appropriate data protection safeguards.

Access to assessment documentation is restricted to authorised personnel and appointed assessors.

7. Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, to comply with legal obligations, and to resolve disputes. Assessment records are retained for a minimum of seven years unless a longer retention period is required by law.

8. Your Rights

Under the Australian Privacy Principles, you have the right to:

Access the personal information we hold about you
Request correction of inaccurate or incomplete information
Request deletion of your information (subject to legal requirements)
Opt out of marketing communications at any time
Lodge a complaint about our handling of your information

Requests for access or correction should be submitted in writing to the contact details below.

9. Cookies and Analytics

Our website uses cookies and similar technologies to enhance your browsing experience and collect usage data. You can control cookie settings through your browser preferences. We use analytics services to understand how visitors interact with our website, which helps us improve our content and services.

10. Third-Party Links

Our website may contain links to third-party websites, including government resources and industry publications. We are not responsible for the privacy practices of these external sites, and we encourage you to review their privacy policies.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a revised effective date.

12. Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal information, please contact us:

FIMALU Pty Ltd
trading as AI Governance Council Australia
ABN 46 674 338 839

Email: privacy@aigc.org.au
Address: Sydney, Australia

We will respond to privacy complaints within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.