Meet the Australian Government AI Guardrails
As Artificial Intelligence continues to proliferate in business and society at large, Governments are realising that a legislative approach for the safe, responsible and ethical use of AI is required.
Consequently, the Australian Government Department of Industry, Science and Resources has produced a Voluntary AI Safety Standard. The standard is mandated for cases where societal/individual harm/discrimination is possible, as well as at the intersections of critical infrastructure and national security.
The need for authoritative AI Guardrails
We believe this is a positive first step from the Federal Government in defining where the “lines” are as far as AI use is concerned. We know from speaking with our own customers that an absence of formal guidance creates pain for their own AI adoption journey.
Security and safety issues can fester in the absence of proper legislative frameworks, and we appreciate the work our friends at the Australian Cyber Network are doing to advocate further on this front.
The 10 AI Guardrails Summarised
- Accountability & Strategy – Establish governance, internal capabilities, and a strategy for AI use, ensuring clear ownership, compliance, and necessary training.
- Risk Management – Continuously assess and mitigate risks associated with AI use through ongoing risk evaluations informed by stakeholder impact assessments.
- Data Governance & Security – Implement strong data governance, privacy, and cybersecurity measures to maintain data quality, provenance, and mitigate AI-related vulnerabilities.
- Testing & Monitoring – Rigorously test AI models pre-deployment and continuously monitor performance to detect unintended behaviors.
- Human Oversight – Ensure human intervention mechanisms are in place throughout the AI lifecycle to manage risks and unintended consequences.
- User Transparency – Disclose AI-driven decisions, interactions, and content creation to build trust and confidence among users.
- User Challenge Mechanism – Provide processes for individuals and entities to challenge AI-driven decisions and request reviews.
- Supply Chain Transparency – Share information on AI components, models, and risks with supply chain partners to promote responsible AI use.
- Record-Keeping & Compliance – Maintain documentation and records to demonstrate compliance with AI governance standards.
- Stakeholder Engagement – Regularly involve stakeholders to assess AI’s social impact, ensuring fairness, inclusivity, and bias mitigation.
Implementing the Guardrails with Subrosa
By adopting Subrosa, you will immediately have a platform for meeting the vast majority of the guardrails. Implementing the controls will no longer be a matter of process and paperwork.
Guardrail | Corresponding Subrosa Feature | Control Summary |
---|---|---|
Accountability & Strategy | AI Governance Dashboard | Subrosa provides detailed visibility, reporting and classification of AI use - including prompts, destination providers and who in the company is using a given AI tool. |
Risk Management | AI Governance Dashboard, AI Traffic Monitoring | Subrosa provides prompt-level visibility into AI use, which enables the rapid detection of inappropriate, high-risk or shadow use. Our ML-powered traffic classifier can also provide this information at a summary level. |
Data Governance & Security | Data Policy, Detection & Enforcement | Governance is a business-level process. Subrosa exists as a tool to aid in its implementation, from initial AI usage discovery, to the definition and enforcement of organisational policies (as well as the guardrails), to reporting on security/safety posture over time. |
Human Oversight | AI Governance Dashboard, AI Traffic Monitoring | Subrosa will monitor all AI use in an organisation, providing a direct means for human oversight. |
Supply Chain Transparency | AI Governance Dashboard, AI Provider Visibility, Traffic Logs, Shadow Detection | Subrosa will detect AI use within a company's environment, including unsanctioned/unknown (shadow) use. Subrosa will provide visibility into a company's AI usage supply chain, provide the data for risk/governance decisions and provide an enforcement layer for these decisions as the company's security posture develops. |
Record-Keeping & Compliance | AI Governance Dashboard, AI Traffic Logs | The detailed logging and reporting in Subrosa provide a means to meet the record-keeping requirements of the guardrails, as well as many industry compliance standards. Furthermore, Subrosa provides integration with external logging systems/SIEMs, such as Splunk and SumoLogic, and compliance tools such as Vanta. |
Stakeholder Engagement | AI Governance Dashboarding & Reporting | The reporting and dashboarding features in Subrosa provide high resolution summaries about AI security and safety posture in the organisation. |
We're always following the emergent policies/legislation produced by governments, as well as the burgeoning industry compliance frameworks. We're also working on some exciting new features to aid with AI safety issues related to data quality, which would be very helpful in meeting the Testing & Monitoring control of the guardrails.
If this sounds interesting to you, or if you want to talk about your AI safety and security posture, get in touch with us.