AI Security and Governance for Australian and New Zealand Organisations
Regulators across Australia and New Zealand have moved. APRA, ASIC, the Five Eyes agencies and the ASD have each issued direct instructions to boards and executives. The question is no longer whether to govern AI. It is how fast you can do it properly.
The regulatory signals shaping AI governance in Australia and New Zealand
APRA directed all regulated entities to establish consistent AI governance arrangements, including board-level AI literacy, AI inventories, non-human identity controls, supplier risk management and continuous assurance. An enforcement signal is included: APRA will take stronger supervisory action where entities fail to manage AI risks proportionately.
ASIC Commissioner Simone Constant required ASIC's letter to be tabled at the board and risk governance committees of every AFS licensee and market participant. The FIIG Securities precedent ($2.5 million penalty, 26-021MR) was cited as the benchmark for what demonstrably inadequate cyber governance looks like under enforcement.
The heads of Australia's ACSC, New Zealand's NCSC, the UK NCSC, CISA and NSA issued a joint statement. Frontier AI models are expected to transform offensive and defensive capabilities within months, not years. Boards and executives were told directly: it is not enough to have controls. Those controls must perform under real incident pressure.
The Australian Signals Directorate has published specific guidance on the cyber security implications of frontier AI models, cited by both APRA and ASIC in their 2026 letters. This advisory is required reading for security and risk teams across APRA-regulated and ASIC-licensed entities.
What AI governance actually means for organisations in Australia and New Zealand
Most organisations in Australia and New Zealand are deploying AI tools faster than they are establishing any structure to govern them. Staff use AI assistants. Development teams embed models into products. Business units run AI-powered analytics. In many cases, no one at leadership level has a clear picture of where AI is operating, what data it is touching, or what the failure modes look like if a system is manipulated or compromised.
That gap is now a regulatory exposure. APRA expects boards to maintain AI literacy, oversee AI strategy consistent with risk appetite, and ensure AI inventories are maintained. ASIC expects evidence, not assurance: test results, audit findings, independent validation. The Five Eyes agencies want boards to verify that controls will actually perform under incident pressure.
ISO 42001 is the international standard that addresses this systematically. It provides a management system framework for responsible AI governance, covering risk, accountability, oversight, and continuous improvement. Certification against ISO 42001 provides demonstrable, third-party validated evidence that your organisation manages AI responsibly. For regulated sectors, that evidence is increasingly expected, not optional.
Common questions about AI governance in Australia and New Zealand
What is AI governance and why does it matter in Australia and New Zealand?
AI governance is the set of policies, frameworks, roles, and controls that determine how an organisation adopts, monitors, and is accountable for AI systems. In Australia and New Zealand, it matters because regulators have made it a board-level obligation. APRA's April 2026 letter requires all regulated entities to establish governance arrangements covering AI ownership and accountability across the full AI lifecycle, from design and development through to deployment, monitoring, and decommissioning. ASIC's May 2026 letter required boards to table and discuss AI cyber risks at governance committees. Entities that cannot demonstrate adequate AI governance now face supervisory action and potential enforcement.
What is ISO 42001 and is it required in Australia or New Zealand?
ISO/IEC 42001:2023 is the international standard for AI management systems. It provides a structured framework for organisations to establish, implement, maintain, and continually improve an AI management system, similar in structure to ISO 27001 for information security. It is not yet mandated by legislation in Australia or New Zealand, but it is directly referenced as a recognised control framework by major regulatory guidance and is increasingly expected by procurement teams and regulated sector counterparties. For organisations subject to APRA or ASIC oversight, ISO 42001 certification provides the independent, documented evidence of AI governance maturity that regulators expect boards to be able to produce.
What is AI red teaming and why do Australian organisations need it?
AI red teaming is adversarial testing of AI systems to identify security vulnerabilities before they can be exploited. APRA's 2026 observations found gaps in the scope and coverage of security testing for AI implementations across APRA-regulated entities. Specific attack vectors APRA named include prompt injection, data leakage, insecure integrations, AI-generated code exploit injection, and manipulation of autonomous AI agents. AI red teaming validates that your AI systems are hardened against these attack vectors and that your detection controls will identify exploitation attempts. The ASD's Frontier AI advisory reinforces this requirement, noting that AI is shortening the time between vulnerability discovery and exploitation.
What does AI Assurance mean in a cybersecurity context?
AI Assurance in a cybersecurity context means continuous, evidence-based validation that your AI systems are performing as intended, that they are protected from adversarial manipulation, and that your governance controls are working. APRA observed that most entities had relied on point-in-time and sample-based assurance methods, which are ill-suited to AI systems that learn, adapt, and degrade over time. APRA expects:
- Continuous validation and monitoring for model drift, bias, and control breakdowns
- Integrated assurance across cyber security, data governance, model performance risk, operational resilience, privacy, and conduct risks
- Second-line risk and internal audit functions with the technical capability to independently assess AI systems
Insicon Cyber delivers AI Assurance through F5's runtime AI security platform, which provides continuous traffic inspection, threat detection, and control validation for AI workloads.
What do boards in Australia and New Zealand need to do about AI governance right now?
APRA is explicit about minimum board-level requirements. Boards must maintain sufficient AI literacy to set strategic direction and provide effective challenge and oversight. They must oversee an AI strategy consistent with the entity's risk appetite, supported by effective monitoring and reporting. In practical terms, this means boards should:
- Receive and review an AI inventory covering all AI tooling and use cases within the organisation
- Understand and approve the organisation's AI risk appetite settings
- Satisfy themselves that AI cyber security testing is proportionate and current
- Ensure human oversight and accountability are documented for high-risk AI decisions
- Verify that AI supplier contracts include audit rights, incident notification, and substitution provisions
ASIC additionally requires that evidence, not assurance, underpin board confidence: test results, audit findings, lessons from incidents, and independent validation.
What does the Five Eyes AI call to action mean for organisations in Australia and New Zealand?
The Five Eyes joint statement issued on 22 June 2026 was a direct instruction from the heads of Australia's ACSC, New Zealand's NCSC, the UK NCSC, CISA, and NSA. The key messages for organisations in Australia and New Zealand are:
- Frontier AI models are expected to exceed current industry expectations and fundamentally transform offensive and defensive cyber capabilities within months, not years
- Cyber risk is no longer a technical issue. It is a core business risk and leadership responsibility
- Controls must be verified to perform under real incident pressure, not just demonstrated on paper
- AI must be used deliberately to strengthen defence, including for vulnerability detection, behavioural monitoring, and incident response
For New Zealand organisations, the statement carries the authority of the NCSC, part of the Government Communications Security Bureau, and aligns with NZISM requirements for risk-based security management.
Which Australian sectors face the highest AI governance obligations?
The highest current regulatory obligations sit with APRA-regulated entities (banks, insurers, superannuation trustees), ASIC-licensed entities (AFS licensees, market participants and their directors), and organisations subject to the Security of Critical Infrastructure Act 2018 (SOCI Act). Aged care providers face growing obligations under the Aged Care Act 2024, which includes quality and safety standards that extend to technology governance and data handling. Healthcare organisations operating under the Privacy Act 1988 face specific data governance obligations where AI systems process health information. In New Zealand, organisations subject to the NZ Privacy Act 2020 and NZISM are expected to apply equivalent risk management principles to AI systems that handle personal or classified information.
How long does ISO 42001 certification take and what is involved?
The timeline depends on an organisation's existing AI maturity and documentation baseline. For most mid-market organisations starting from a low baseline, a typical implementation and certification pathway runs across three to six months, comprising a gap assessment, framework design, policy and control documentation, management system implementation, internal audit, and third-party certification audit. Insicon Cyber's ISO 42001 implementation service covers each of these stages. Organisations with existing ISO 27001 certification have a significant advantage because the management system structures are compatible. ISO 42001 can be implemented alongside ISO 27001 in an integrated management system, reducing duplication and audit overhead.
Insicon Cyber AI Security and Governance Practice
Three connected services that take AI from an unmanaged risk to a governed, validated, and continuously maintained capability.
Test it. Certify it. Maintain it.
F5 AI Assurance
Runtime security and adversarial testing for AI workloads, powered by F5. Validates that your AI systems are hardened against prompt injection, data leakage, insecure integrations, and agent manipulation before and after deployment.
- AI red team assessment and penetration testing
- Runtime traffic inspection and threat detection
- Continuous AI workload monitoring
- AI-specific attack vector validation
- Meets APRA's AI security testing expectations
ISO 42001 Implementation
End-to-end implementation of an ISO/IEC 42001 AI management system, from gap assessment through to third-party certification. Provides the documented, independently validated evidence of AI governance maturity that APRA and ASIC expect boards to be able to produce.
- Gap assessment against ISO 42001 requirements
- Policy, framework, and control documentation
- AI inventory and risk classification
- Internal audit and pre-certification readiness
- Compatible with existing ISO 27001 management systems
Managed Compliance
Ongoing management of AI compliance obligations across ISO 42001, ISO 27001, Essential Eight, and sector-specific frameworks including APRA CPS 234, NZISM, and the Aged Care Act 2024. Keeps governance current as your AI footprint and the regulatory environment evolve.
- Continuous compliance monitoring against applicable frameworks
- Regulatory change management and impact assessment
- Board and executive reporting on AI governance posture
- AI supplier risk management and contractual assurance
- Trans-Tasman coverage for Australian and New Zealand operations
What APRA, ASIC, and the Five Eyes expect from boards on AI governance
Three major regulatory instruments issued in 2026 align on the same core expectations. Governance must be evidenced, not assumed. Controls must be tested, not declared. Boards carry accountability, not just oversight.
APRA expects (April 2026)
- Board-level AI literacy and strategic oversight
- AI governance frameworks with ownership across the full AI lifecycle
- Maintained AI inventory covering all tooling and use cases
- Updated identity and access management for non-human AI actors
- AI security testing with scope extended to AI-generated code
- Supplier risk management with contractual audit rights and exit provisions
- Continuous assurance mechanisms for model drift and control breakdowns
ASIC expects (May 2026)
- Board tabling and discussion of AI cyber risk
- Demonstrably effective cyber governance proportionate to business complexity
- Evidence: test results, audit findings, and independent validation
- Meaningful reporting on end-to-end control effectiveness, not activity
- Clear understanding of critical assets and what matters most to customers
- Prompt patching, recognising AI is accelerating vulnerability discovery
- Layered defence-in-depth architectures that assume breach
Five Eyes expects (June 2026)
- Boards confirm controls will perform under real incident pressure
- Secure-by-design and secure-by-default as standard practice
- Accelerated patching given AI shortens exploitation windows
- Legacy systems treated as strategic liabilities, not just technical debt
- AI integrated into defensive security operations, not just efficiency
- Reduced attack surface and enforced strong identity and access controls
- Tested incident response plans, not just documented ones
Who needs AI security and governance in Australia and New Zealand?
AI governance obligations are not limited to technology companies. Any organisation that deploys, operates, or depends on AI systems faces regulatory, reputational, and operational exposure.
Financial Services
APRA-regulated banks, insurers, and superannuation trustees face the most explicit AI governance obligations in Australia. ASIC requirements extend to all AFS licensees and market participants.
Aged Care
Providers subject to the Aged Care Act 2024 face quality and safety standards that extend to technology governance. AI systems handling resident data and care decisions require governance frameworks and security controls.
Healthcare
Organisations processing health information under the Privacy Act 1988 and in New Zealand under the NZ Privacy Act 2020 face specific obligations where AI systems access, process, or generate clinical or personal data.
Government and Critical Infrastructure
Entities subject to the SOCI Act 2018 and the NSW Government Cyber Security Strategy 2026-2028 are expected to embed AI governance into existing security and risk management frameworks.
Professional Services
Law firms, accounting firms, and advisory businesses are integrating AI into practice areas that handle sensitive client information. Governance frameworks protect professional obligations, client confidentiality, and firm liability.
Mid-Market Operators (ANZ)
Mid-market organisations across Australia and New Zealand lack the internal AI risk capability that enterprise security teams maintain. Insicon Cyber's managed approach delivers board-ready governance at a scale that fits the organisation.
Ready to govern AI with confidence?
Talk to Insicon Cyber about where your organisation sits against current APRA, ASIC, and Five Eyes expectations. We work across Australia and New Zealand.