DTA Policy 2.0 Is In Force. Is Your Agency Compliant?
The Digital Transformation Agency's Policy for Responsible Use of AI in Government requires designated accountable officials, published transparency statements, and risk-based governance across every non-corporate Commonwealth entity. ANAO audits have already identified critical gaps, with 74% of AI models at the ATO alone lacking completed data ethics assessments.
With all APS employees required to complete mandatory AI training by June 2026 and the AI Review Committee launching in Q1 2026, Australian government organisations need governance strategies that work now. Our team of AI consulting specialists helps agencies achieve compliance, manage risk, and build sustainable governance frameworks.
Public Sector AI Governance Is Different
Multi-layered compliance requirements, heightened scrutiny from citizens and Parliament, and accountability obligations under administrative law create governance challenges that private sector frameworks cannot address. Government organisations need AI consulting services built for the public sector.
"We need to publish a transparency statement"
DTA requires all non-corporate Commonwealth entities to publish AI transparency statements on public-facing websites. Statements must use clear, plain language consistent with the Australian Government Style Manual, provide a high-level overview of how the organisation uses and manages AI, and include a public contact email. The February 2025 deadline has passed. Annual updates are mandatory. Has your agency published?
"Who is accountable for our AI?"
Every agency must designate accountable officials with contact details provided to DTA. The National AI Plan 2025 goes further, mandating Chief AI Officers in every agency. Post-Robodebt, accountability for automated decision-making is under intense scrutiny from Parliament, the OAIC, and the public. Clear roles and risk management responsibilities are not optional.
Define accountability structures →"How do we assess AI risk?"
DTA's AI Impact Assessment Tool requires agency teams to identify, assess, and manage risks against Australia's 8 AI Ethics Principles. High-risk use cases covering security-relevant capabilities, critical infrastructure, or large-scale decision-making must be referred to the AI Review Committee. Do your teams have the capability to complete these assessments and prepare the documentation?
Build risk assessment capability →DTA Policy 2.0 Requirements at a Glance
The Policy for Responsible Use of AI in Government (Version 2.0, effective 15 December 2025) mandates specific actions for all non-corporate Commonwealth entities. Our AI consulting team helps organisations meet each requirement with practical, audit-ready solutions.
Strategic AI Approach
Agencies must develop a strategic approach to AI adoption aligned with organisational goals and the "enable, engage and evolve" framework. This strategy must support operational objectives while addressing risk management priorities.
Operationalise Responsible AI
Establish an approach to operationalise responsible AI use through governance structures, policies, and procedures. This includes standing up cross-functional AI governance committees, defining approval processes, and embedding compliance into operational workflows.
Designated Accountability
Ensure designated accountability for AI use cases with accountable officials identified and contact details provided to DTA. The National AI Plan also mandates Chief AI Officers for every agency to provide strategic leadership and oversight.
Risk-Based Actions
Undertake risk-based use case-level actions using DTA's AI Impact Assessment Tool to assess risks against Australia's AI Ethics Principles. Low-risk cases require executive endorsement. Medium or high-risk cases proceed through detailed assessment sections covering fairness, transparency, and safety.
Transparency Statements
Publish AI transparency statements on public-facing websites using clear, plain language consistent with the Australian Government Style Manual. Statements must demonstrate compliance with each policy requirement and be updated annually, or whenever a significant change materially impacts accuracy.
Mandatory APS AI Training
AI fundamentals training is now mandatory for all Australian Public Service employees to ensure baseline understanding of responsible AI use. All Commonwealth staff must complete training by June 2026 under the APS AI training mandate.
Automated Decision-Making Is Under Scrutiny
The Robodebt Royal Commission exposed the consequences of unlawful automated decision-making in government. Australian agencies deploying AI in service delivery, compliance, and fraud detection face intense public and regulatory attention. Algorithmic accountability is no longer aspirational.
Robodebt: $1.73B in Consequences
The Robodebt scheme resulted in a $1.73 billion settlement after the Royal Commission found unlawful automated decision-making that adversely affected hundreds of thousands of Australians. Recommendation 17.1 calls for a consistent framework ensuring automated decision-making systems are fit for purpose, lawful, fair, and do not adversely affect human and legal rights. This case study permanently changed how Australian government organisations must approach AI governance.
Services Australia now commits: "No AI used to process claims. Final decisions always made by humans."
Administrative Law and ADM Reform
The Attorney-General's Department consultation on automated decision-making reforms closed in January 2025. Proposed reforms include improved governance, a consistent legal framework, enhanced transparency, and protections for personal information. The Law Council emphasises that automated decisions must satisfy administrative law principles: lawfulness, procedural fairness, rationality, and explainability. These requirements apply to every AI system that influences decisions affecting citizens.
OAIC recommends express obligations for agencies to proactively publish information about ADM use, aligned with the FOI Act and Privacy Act.
FOI and Privacy Implications
AI systems used in government decision-making are subject to Freedom of Information obligations. Agencies must ensure their AI produces outputs that can be explained, documented, and disclosed under FOI requests. The Privacy and Other Legislation Amendment Bill 2024 also requires entities to disclose in their privacy policies the types of personal information used in automated decisions that have legal or similarly significant effect on individuals.
Our consultants help agencies prepare FOI-ready documentation and privacy-compliant AI governance frameworks.
Public Sector AI Use Cases at Scale
Australian government organisations are deploying AI across service delivery, compliance monitoring, and fraud detection. The ATO has 43 AI models in production. Over 50 agencies participated in the Microsoft Copilot trial with 7,400+ public servants. The GovAI platform provides secure, Australian-based infrastructure for developing customised AI solutions. Each use case requires governance, risk management, and transparency under DTA policy.
Our team helps agencies govern AI across the full lifecycle: discover, operate, and retire.
State Government AI Frameworks Vary
NSW, Victoria, and Queensland have distinct AI governance frameworks with different compliance obligations. Multi-jurisdictional organisations need strategies that satisfy all of them. Our AI consulting team provides tailored solutions for each state's requirements.
NSW AI Assurance Framework
Mandatory under Circular DCS-2024-04 for all NSW Government Agencies. The NSW AI Assessment Framework applies across the full AI lifecycle. High or Critical use cases must be referred to the AI Review Committee for review, and agencies must register them in their AI register.
- • Five overarching principles: Trust, Transparency, Customer Benefit, Fairness, Privacy and Accountability
- • AI Agent Usage and Deployment Guidance (2025) for safe agentic AI adoption
- • Digital Assurance Framework integration and $2.7M Early Adopter Grant Program for 16 councils
VIC AI Strategy and Administrative Guideline
The Administrative Guideline for Safe and Responsible Use of Generative AI in the Victorian Public Sector (June 2025) applies to all public service bodies under the Public Administration Act 2004. Victoria's AI strategy extends governance requirements to organisations receiving state funding, including community housing, health, and education providers.
- • Victorian Charter of Human Rights compatibility required for all AI solutions
- • "Decisions affecting customers will always be made by a human" - mandatory human oversight
- • Data protection, cybersecurity, transparency, and algorithmic accountability domains
QLD AI Ethics Framework and Governance Policy
Queensland was the first jurisdiction nationally to mandate ISO 38507 compliance for public sector AI governance. The Artificial Intelligence Governance Policy (September 2024) applies to all Queensland Government departments under the Public Sector Act 2022.
- • ISO 38507 (AI governance by organisations) mandatory for all departments
- • Foundational AI Risk Assessment (FAIRA) Framework for consistent risk management
- • QChat secure generative AI platform demonstrating responsible innovation
National Framework for AI Assurance in Government
Endorsed by all Australian governments in June 2024, the National Framework establishes five cornerstones for AI assurance across the public sector. Combined with the National AI Plan 2025 and the establishment of the Australian AI Safety Institute, this framework drives the governance strategies our consultants help agencies implement.
Governance
Organisational structure, policies, processes, roles, responsibilities, and risk management frameworks. Emphasises cross-functional expertise, leadership commitment, and mandatory staff training across the organisation.
Data Governance
Standards and practices for data quality, integrity, and management throughout the AI lifecycle. Critical for agencies handling citizen data across service delivery and compliance systems.
Standards
Alignment with national and international AI standards including ISO 38507 for governance, ISO/IEC 42001 for AI management systems, and the DTA AI Technical Standard covering discover, operate, and retire lifecycle phases.
Procurement
Government AI procurement standards including AI Model Clauses (Version 2.0), vendor assessment frameworks, and clearly established accountabilities in supplier relationships. Vendors must adopt ISO/IEC 42001 where risk assessments indicate heightened exposure.
Risk-Based Approach
Proportionate governance measures based on the risk level of AI applications. High-risk use cases involving security capabilities, critical infrastructure, or large-scale decision-making require heightened scrutiny and AI Review Committee referral.
Government AI Governance Consulting Services
Purpose-built AI consulting services for public sector accountability, transparency, and citizen trust. Our team of specialists delivers practical solutions that help Australian government organisations achieve compliance, manage risk, and drive responsible innovation.
Transparency Statement Support
- • Gap analysis against DTA transparency requirements
- • Plain language statement drafting aligned to Style Manual
- • Annual review and update support
- • Public communication strategy for automated decision-making disclosure
AI Risk Assessment and Compliance
- • DTA Impact Assessment Tool completion and review
- • Risk classification mapping against AI Ethics Principles
- • High-risk use case documentation for fraud detection, service delivery, and compliance
- • AI Review Committee preparation and briefing materials
Governance Framework Development
- • AI strategy aligned with DTA requirements and agency objectives
- • Governance structure design with accountability and oversight models
- • Accountable official and Chief AI Officer role definition
- • Cross-functional AI governance committees and operating procedures
Training and Capability Building
- • DTA-compliant AI fundamentals training for all APS staff
- • Executive briefings on AI governance strategy and transformation
- • Technical team training on risk assessment tools and methodologies
- • Ethics and responsible AI workshops for all levels
AI Procurement Support
- • AI Model Clauses (Version 2.0) implementation and contract review
- • Vendor assessment frameworks aligned to government AI procurement standards
- • Due diligence checklists including security restrictions (PSPF Directions 001/002)
- • Supplier AI governance and ISO/IEC 42001 compliance verification
State-Specific Compliance
- • NSW AI Assurance Framework compliance assessments and AI register setup
- • Victorian Administrative Guideline implementation and Human Rights alignment
- • Queensland ISO 38507 alignment and FAIRA framework deployment
- • Multi-jurisdictional coordination strategies for cross-border agencies
Why Government Organisations Choose Our AI Consulting Team
Unlike generalist consultants, our specialists focus exclusively on AI governance for the Australian public sector. We understand the administrative law principles, FOI obligations, and citizen accountability requirements that make government AI governance fundamentally different from private sector approaches.
Public Sector Expertise
Our consultants understand the multi-layered compliance landscape that Australian government organisations navigate: federal DTA policy, state-specific frameworks across NSW, Victoria, and Queensland, National Framework cornerstones, and administrative law requirements. We deliver AI solutions built for public sector accountability, not adapted from corporate frameworks.
Implementation That Drives Transformation
Governance frameworks that sit on shelves do not protect agencies or citizens. Our team stays through implementation, embedding governance into operations, training your people, and supporting the operational change required to make responsible AI use a reality. We build sustainable capability, not dependency.
Governance That Enables Responsible Adoption
We position AI governance as an enabler for public sector innovation, not a blocker. With the GovAI platform accelerating adoption and the National AI Plan investing in AI-enabled public services, agencies need governance strategies that support responsible growth while managing risk. Our solutions help you move forward with confidence.
Multi-Jurisdictional Strategy
Businesses and organisations operating across federal, state, and local government jurisdictions face overlapping and sometimes conflicting requirements. Our AI consulting services provide unified governance strategies that satisfy DTA Policy 2.0, the NSW AI Assurance Framework, VIC AI Strategy, QLD AI Ethics Framework, and local council obligations simultaneously.
Frequently Asked Questions
What is DTA Policy 2.0 and who does it apply to?
The Digital Transformation Agency's Policy for Responsible Use of AI in Government (Version 2.0, effective 15 December 2025) applies to all non-corporate Commonwealth entities. It mandates strategic AI approaches, designated accountability officials, risk-based impact assessments, published transparency statements, and mandatory AI training for all APS staff by June 2026. Our AI consulting team helps agencies achieve full compliance across all six requirements.
How does the Robodebt legacy affect government AI governance?
The Robodebt Royal Commission's $1.73 billion settlement fundamentally changed how Australian government organisations must approach automated decision-making. Recommendation 17.1 calls for a consistent framework ensuring AI systems are fit for purpose, lawful, fair, and do not adversely affect rights. Services Australia now explicitly prohibits AI in claims processing. All agencies using AI for decisions that affect citizens must demonstrate procedural fairness, explainability, and human oversight. Our consultants help agencies build governance that satisfies these obligations.
Do state government frameworks differ from federal requirements?
Yes, significantly. NSW mandates its AI Assessment Framework under Circular DCS-2024-04. Victoria's Administrative Guideline requires compatibility with the Charter of Human Rights. Queensland was the first jurisdiction to mandate ISO 38507 compliance. Organisations operating across jurisdictions need strategies that satisfy all applicable frameworks. Our team provides multi-jurisdictional AI governance solutions tailored to each state's requirements.
What are the FOI implications for government AI systems?
AI systems used in government decision-making are subject to Freedom of Information obligations. Agencies must ensure their systems produce outputs that can be explained, documented, and disclosed. The OAIC recommends proactive publication of information about automated decision-making use, aligned with the FOI Act and Privacy Act. Our governance frameworks include FOI-ready documentation strategies and transparency measures that protect agencies from compliance gaps.
How do government AI procurement standards work?
The AI Model Clauses (Version 2.0, published March 2025) establish standard contractual frameworks for government AI procurement. Vendors must obtain prior written approval before using AI, ensure human oversight, provide transparency of outputs, and adopt internal AI governance aligned with ISO/IEC 42001 where risk assessments indicate heightened exposure. PSPF Directions 001 and 002 restrict certain products on security grounds. Our consultants support both the buyer and seller sides of government AI procurement.
Citizens Expect Accountability. Regulators Demand It.
Do not wait for an ANAO audit finding or media scrutiny. Schedule a consultation with our team to discuss your agency's AI governance requirements, compliance obligations, and how our consulting services can help your organisation manage AI risk while driving responsible adoption.