Key terms and concepts from the Australian Government's Guidance for AI Adoption and the 6 Essential Practices for responsible AI.
This asks whether you have a clear picture of how the process works today — the steps involved, who does what, and where the decision points are.
Why it matters: AI can only automate what you understand. If the process is unclear, AI implementation will fail or automate the wrong things.
This asks whether the process is written down as a workflow — with steps, inputs, outputs, and decision points that someone else could follow.
Why it matters: Documentation is how you translate human knowledge into something an AI system can learn from. Without it, there's no foundation to build on.
This assesses how much damage a wrong decision in this process could cause — to people, finances, reputation, or operations.
Why it matters: Higher-impact decisions need stronger governance. This determines your risk classification, which affects how strictly your readiness is assessed.
This asks what happens if the AI system makes a mistake — could it cause harm to people, financial loss, or regulatory problems?
Why it matters: Processes where errors cause serious harm need more rigorous testing, monitoring, and human override capabilities.
This asks whether someone specific is responsible for AI decisions in your organisation — not just the IT team, but a named person accountable for governance, policy, and outcomes.
Why it matters: Without clear accountability, AI issues fall through the cracks. The guidance says to assign a senior leader as AI governance owner.
This asks whether you've thought about who this AI process affects — customers, employees, vulnerable groups — and how it might impact them differently.
Why it matters: AI can create unintended bias or harm. The guidance says to assess impacts on vulnerable and marginalised groups and create channels for people to challenge AI decisions.
This asks whether you have processes specifically for identifying and managing AI-related risks — not just general IT risk, but AI-specific concerns like bias, data drift, and model failures.
Why it matters: AI risks are different from traditional IT risks. The guidance says to create a risk screening process and conduct risk assessments per use case.
This asks whether you can explain what the AI system does, how it makes decisions, and what its limitations are — in language stakeholders can understand.
Why it matters: People have a right to know when AI influences decisions about them. The guidance says to maintain an AI register and disclose AI use to affected stakeholders.
This asks whether you have plans to test the AI system before it goes live, and to monitor its performance continuously afterwards — not just "set and forget."
Why it matters: AI systems degrade over time as data changes. The guidance says to test before deployment and set up ongoing monitoring with clear incident thresholds.
This asks whether you've defined where a human must be able to step in, override, or shut down the AI system — especially for high-stakes decisions.
Why it matters: Some decisions should never be fully automated. The guidance says to decide where humans must remain "in the loop" and ensure staff have authority to override AI.
This assesses whether this process makes decisions that could significantly affect people's lives, finances, or rights.
Why it matters: The more significant the decisions, the stronger the accountability structures need to be.
This asks whether it's critical to have a single clear owner responsible for outcomes of this process.
Why it matters: Shared responsibility often means no responsibility. The guidance says to make a specific person accountable for every AI system.
This asks whether the process must comply with specific laws, regulations, or industry standards.
Why it matters: Regulated processes need formal compliance frameworks. Non-compliance can result in legal penalties.
This asks whether different groups of people could be affected differently by this AI process — some benefiting more, others being disadvantaged.
Why it matters: AI systems can amplify existing biases. The guidance says to pay particular attention to vulnerable and marginalised groups.
This asks whether people affected by AI decisions need a way to challenge or appeal those decisions.
Why it matters: The guidance says to create contestability channels and feedback processes for people to challenge AI-influenced decisions.
This assesses whether you've involved the people who would be affected by this AI process in the planning.
Why it matters: The guidance says to engage stakeholders throughout the AI lifecycle, not just inform them after the fact.
This asks how serious the consequences could be if this process fails or produces wrong results.
Why it matters: Higher harm potential means more rigorous risk controls are needed. The guidance says to screen for unacceptable risk.
This asks whether the process could produce unfair or discriminatory outcomes.
Why it matters: AI systems trained on biased data reproduce and amplify that bias. The guidance says to assess and mitigate AI-specific risks.
This asks whether you have processes to investigate AI incidents, learn from them, and prevent recurrence.
Why it matters: The guidance says to investigate, document, and learn from AI incidents — not just fix them and move on.
This asks whether stakeholders need to understand how decisions are made in this process.
Why it matters: The guidance says to explain AI outcomes proportionate to their severity — higher impact decisions need clearer explanations.
This asks whether the process needs to be auditable — with a traceable record of decisions and the reasoning behind them.
Why it matters: Audit trails are essential for compliance and for investigating issues when they arise.
This asks whether you would maintain a formal register documenting this AI system — its purpose, data sources, capabilities, and limitations.
Why it matters: The guidance says to maintain an AI register documenting all AI systems in use. This is a key transparency requirement.
This asks how severe the impact would be if this process failed or changed behaviour unexpectedly.
Why it matters: High-consequence processes need more rigorous pre-deployment testing and continuous monitoring.
This asks whether the process handles personal, confidential, or sensitive information.
Why it matters: Sensitive data requires stronger data governance and cybersecurity measures extended to AI systems.
This asks how quickly you would need to detect and respond to performance or security issues with this process.
Why it matters: The guidance says to define incident thresholds and escalation paths — when to pause, roll back, or retire a system.
This asks whether humans should be able to intervene in or override decisions made by this process.
Why it matters: The guidance says to decide where humans must remain "in the loop" or "on the loop" — reviewing outputs and overruling decisions.
This asks whether there are situations in this process where human judgment, intuition, or contextual understanding is irreplaceable.
Why it matters: Some decisions require empathy, ethics, or context that AI cannot provide. The guidance says to avoid over-reliance in high-stakes domains.
This asks whether meaningful human oversight is required throughout the entire lifecycle of this process — not just at deployment.
Why it matters: The guidance says to maintain human oversight throughout the AI lifecycle and ensure appropriate training for anyone overseeing AI systems.
Free assessment based on the Australian Government's 6 Essential Practices.
Start Assessment
Built by base2Services. AWS Advanced Partner since 2018. ISO 27001 certified.
Based on the Australian Government's Guidance for AI Adoption (October 2025).