Search

Community engagement planning

Chris is planning consultation activities for a community program. They need to develop engagement strategies and materials that will effectively reach diverse community groups and gather meaningful feedback, and project manage the consultation process to ensure it meets key timelines. Chris considers using public generative AI tools to brainstorm consultation approaches.

What should Chris do?

Chris uses public generative AI tools to generate ideas for community engagement methods and consultation formats, taking care to only share OFFICIAL level information on the program and consultation objectives. Chris does not share any personal information about individuals connected to the consultations or the program itself with the AI platform.
Chris asks the public AI tool to suggest project management strategies and draft project planning materials. For example, the tool can draft a consultation schedule, progress report templates and content and consultation session logistics checklists.
Chris can also seek advice on developing survey questions and interview and focus group prompts and ways to track engagement and evaluate consultation outcomes, without entering any security classified or personal data.
Chris asks the AI tool to suggest approaches for making consultations accessible to people with different language backgrounds and accessibility needs. Chris notes that public generative AI tools may not produce accurate translations from English into other languages. If translation is needed, Chris should follow agency guidelines for accessing professional translation services.
Chris thoroughly checks and edits the AI-generated content and validates engagement strategies with colleagues, ensuring they align with government consultation standards and inclusive engagement principles.
Chris reviews all draft consultation materials to ensure they meet plain language requirements and government communication guidelines.

Off

Data analysis support

Dinesh is conducting analysis on a dataset for a research project. The dataset contains OFFICIAL information and does not contain any personal or security classified information. Dinesh is wondering whether public generative AI tools can help identify patterns and generate insights from the data.

What should Dinesh do?

Given the dataset contains only OFFICIAL information, with no personal or security classified information, Dinesh can use public generative AI tools to assist with data analysis and pattern identification.
Dinesh provides only the necessary data elements to the public AI tool, avoiding any information security classified OFFICIAL: Sensitive or above.
Noting that generative AI tools can produce biased or inaccurate outputs, Dinesh thoroughly validates all insights and analysis before using them in any official capacity.
Before sharing findings more broadly, Dinesh asks a colleague to review the analysis to confirm it accurately reflects the data and meets government analytical standards.

Off

Jordan, a policy analyst in an Australian Government department, needs to produce a comparative analysis of international approaches to a policy issue for a briefing. Jordan is considering using public generative AI tools to brainstorm, accelerate the research process and create first pass content that can be refined further.
What should Jordan do?
- Jordan uses a public generative AI tool to help identify publicly available research papers, reports, and case studies related to the policy issue without including any security classified information.
- Jordan can prompt the AI tool to generate targeted questions on international approaches, highlight key differences and create draft content for further development.
- Jordan carefully reviews the AI-generated content, cross-referencing it with authoritative sources to ensure it’s accurate and reliable. If the AI tool can cite its sources, Jordan can independently verify these to confirm or correct the information.
- If Jordan identifies incorrect, misleading or questionable information, they can clarify or reframe the prompt, compare outputs from different prompts or tools, verify claims against trusted sources and discard any unsupported or unverifiable claims.
- Before using any insights in briefings, Jordan consults with subject matter experts or experienced colleagues to validate complex or ambiguous content and check for accuracy and completeness.
Sofia is developing educational materials for diverse public audiences for a government program. She needs to develop a communications plan, web content and fact sheets tailored for communities across Australia, incorporating relevant local context. Sofia is considering using public generative AI tools to help develop initial drafts, research and organise local community information and improve readability for diverse audiences.
What should Sofia do?
- Sofia can ask public generative AI tools to suggest ways to present program information and tailor messaging for different community needs – without sharing personal information or information that’s security classified as OFFICIAL: Sensitive or above.
- Sofia employs the AI tool to help research local community information, rephrase bureaucratic terminology into plain language and organise content into clear, accessible formats.
- Sofia cross-checks AI-generated content against original sources, asks colleagues to fact-check drafts and contacts any external parties before including their information in public material.
- Sofia remains responsible for the final content, ensuring it accurately conveys current program guidelines and aligns with departmental requirements. Sofia uses public generative AI tools to suggest different ways to structure program information for broad community understanding and help rephrase complex program terminology into plain English.
Alex is reviewing a complex technical report to summarise its content and highlight strategic implications for the agency. Alex is considering using public generative AI platforms to assist with understanding and summarising the content.
What should Alex do?
- Alex can upload the report to a public generative AI tool to help break down complex concepts, explain unfamiliar terms and find further information on related topics.
- Alex asks the generative AI tool to help structure summaries and identify key themes while ensuring only OFFICIAL level government information is shared with the external platform.
- Alex validates AI-generated content by consulting subject matter experts to ensure technical accuracy and appropriate interpretation.
- Depending on team or agency expectations regarding disclosure of AI-influenced content, Alex may choose to include a statement advising readers how AI was used to develop the summary.
Chris is planning consultation activities for a community program. They need to develop engagement strategies and materials that will effectively reach diverse community groups and gather meaningful feedback, and project manage the consultation process to ensure it meets key timelines. Chris considers using public generative AI tools to brainstorm consultation approaches.
What should Chris do?
- Chris uses public generative AI tools to generate ideas for community engagement methods and consultation formats, taking care to only share OFFICIAL level information on the program and consultation objectives. Chris does not share any personal information about individuals connected to the consultations or the program itself with the AI platform.
- Chris asks the public AI tool to suggest project management strategies and draft project planning materials. For example, the tool can draft a consultation schedule, progress report templates and content and consultation session logistics checklists.
- Chris can also seek advice on developing survey questions and interview and focus group prompts and ways to track engagement and evaluate consultation outcomes, without entering any security classified or personal data.
- Chris asks the AI tool to suggest approaches for making consultations accessible to people with different language backgrounds and accessibility needs. Chris notes that public generative AI tools may not produce accurate translations from English into other languages. If translation is needed, Chris should follow agency guidelines for accessing professional translation services.
- Chris thoroughly checks and edits the AI-generated content and validates engagement strategies with colleagues, ensuring they align with government consultation standards and inclusive engagement principles.
- Chris reviews all draft consultation materials to ensure they meet plain language requirements and government communication guidelines.
Dinesh is conducting analysis on a dataset for a research project. The dataset contains OFFICIAL information and does not contain any personal or security classified information. Dinesh is wondering whether public generative AI tools can help identify patterns and generate insights from the data.
What should Dinesh do?
- Given the dataset contains only OFFICIAL information, with no personal or security classified information, Dinesh can use public generative AI tools to assist with data analysis and pattern identification.
- Dinesh provides only the necessary data elements to the public AI tool, avoiding any information security classified OFFICIAL: Sensitive or above.
- Noting that generative AI tools can produce biased or inaccurate outputs, Dinesh thoroughly validates all insights and analysis before using them in any official capacity.
- Before sharing findings more broadly, Dinesh asks a colleague to review the analysis to confirm it accurately reflects the data and meets government analytical standards.

Inappropriate public generative AI use examples

Personal information in correspondence

Hannah needs to write a response letter to a member of the public regarding a sensitive case. The response will draw on complex case file notes which contain personal details including the client’s name, date of birth, client reference number, address, financial information and sensitive case history such as interactions with the justice system. Hannah considers using public generative AI platforms to help draft a professional and empathetic response based on the case information.

What should Hannah do?

Hannah should not use public generative AI for this task. Inputting personal information into public AI tools would breach privacy obligations and government information handling rules.
Hannah understands that personal information including names, dates of birth, reference numbers, financial details, and case-specific information must never be shared with public AI platforms.
Hannah acknowledges that using such sensitive information in public AI tools could result in data breaches, identity theft risks, and serious privacy violations.
Instead, Hannah uses approved government systems and templates to draft the response, consulting with team members and agency experts as needed for complex cases.
Hannah ensures all personal information remains secure and is handled in accordance with government privacy and information security policies.

Off

Security classified government information

Wei is preparing a Cabinet submission on proposed legislative changes. The task involves security classified information, inter-agency consultation feedback, and sensitive policy recommendations. Facing a tight deadline, Wei is considering using public generative AI platforms to help structure and refine the submission.

What should Wei do?

Wei should not use public generative AI platforms for this task. Instead, Wei should rely on established internal processes, consulting with colleagues and using approved government systems.
If Wei has access to an enterprise generative AI tool, cleared by the agency to process security classified information, they could consider using this. If Wei is unsure which generative AI tool can handle security classified information, they should consult relevant internal guidance and the IT security team if needed.
Wei recognises that security classified information must never be entered into public AI tools. This includes information classified OFFICIAL: Sensitive or above, including PROTECTED: CABINET information.
Wei understands that using public generative AI platforms for this task could compromise security and breach the Protective Security Policy Framework (PSPF).
Wei ensures the appropriate security classification markings are applied to all documents and follows proper information handling protocols.

Off

Cultural sensitivity and intellectual property

River is organising activities for an important First Nations cultural awareness week and wants to include visual elements in internal campaign materials that reflect Indigenous culture. River has access to artwork commissioned by their agency from Indigenous artists for similar purposes in the past. River considers uploading these images – along with other images of Indigenous art found online – to a public generative AI platform to produce new visual content.

What should River do?

River should not use generative AI tools for this purpose.
River recognises that generating AI images based on First Nations artwork would be culturally inappropriate. River realises that authentic cultural representation requires genuine engagement with First Nations communities and cannot be replicated through public AI tools.
River notes that public generative AI platforms may retain uploaded content, which could result in the artwork being reused or incorporated into AI training datasets without the artists’ consent – breaching intellectual property rights, Indigenous data sovereignty and cultural protocols.
River acknowledges that using AI-generated cultural content could cause harm to First Nations communities by perpetuating stereotypes, misrepresenting sacred or sensitive cultural elements, and contributing to cultural appropriation.
Instead of using generative AI, River explores commissioning new artwork from First Nations artists or using existing approved materials developed in consultation with community representatives.
River ensures any cultural materials are developed through proper consultation with First Nations artists, cultural advisors and community representatives, and that intellectual property rights are respected and appropriately acknowledged.

Off

Assessing applications

Jamie is reviewing applications for a government grant program. With multiple complex applications to assess against program criteria, Jamie considers inputting application details into a public generative AI tool to help assess which applications meet the funding requirements to recommend for approval.

What should Jamie do?

Jamie should not use public generative AI tools for this purpose.
Jamie recognises that grant applications can contain personal details and confidential business information that must not be shared with public AI platforms.
Jamie acknowledges that government decision-making requires human judgement, accountability, and transparency that cannot be delegated to public AI tools.
Jamie understands that using public AI tools to make funding decisions could introduce bias, produce inaccurate results, compromise the integrity of the assessment process, and breach privacy obligations.
Instead, Jamie uses established assessment frameworks and internal IT systems, asks colleagues for peer review, and ensures all decisions are properly documented.
Jamie maintains the confidentiality of all application information and ensures fair and consistent assessment processes are followed.

Off

Listen to and understand diverse user needs
Consider diverse user needs from the outset to make sure your service caters to as many users as possible. Consider the different identities, characteristics, and perspectives of users to make your digital service
welcoming and inclusive for all.
Conduct usability testing with diverse user groups
Do usability testing with individuals from diverse backgrounds, including those with different abilities, ages, and cultural
contexts. Adopt inclusive prototyping techniques, to simulate the experiences of users with different abilities and identify potential challenges. Recognise that various aspects of a person’s identity, such as race, gender, and age all intersect to shape their digital experience.

Procurement processes

Omar is developing technical specifications for a major tender. To ensure the specifications are comprehensive, Omar wants to input the detailed requirements into a public generative AI tool to help identify potential gaps and improve the technical language.

What should Omar do?

Omar should not use public generative AI tools for this task.
Omar recognises that tender specifications may contain commercially sensitive information that could provide unfair market advantage if disclosed prematurely through public AI platforms.
Omar understands that inputting procurement details into public AI platforms could breach the Commonwealth Procurement Rules and compromise the integrity of the tender process.
Omar avoids using any public AI tools that could inadvertently signal government intentions to potential suppliers or create conflicts of interest.
Instead, Omar consults internal technical experts and relevant industry standards, and uses approved government procurement resources to develop specifications.
Omar ensures all procurement activities maintain appropriate confidentiality.

Off

Hannah needs to write a response letter to a member of the public regarding a sensitive case. The response will draw on complex case file notes which contain personal details including the client’s name, date of birth, client reference number, address, financial information and sensitive case history such as interactions with the justice system. Hannah considers using public generative AI platforms to help draft a professional and empathetic response based on the case information.
What should Hannah do?
- Hannah should not use public generative AI for this task. Inputting personal information into public AI tools would breach privacy obligations and government information handling rules.
- Hannah understands that personal information including names, dates of birth, reference numbers, financial details, and case-specific information must never be shared with public AI platforms.
- Hannah acknowledges that using such sensitive information in public AI tools could result in data breaches, identity theft risks, and serious privacy violations.
- Instead, Hannah uses approved government systems and templates to draft the response, consulting with team members and agency experts as needed for complex cases.
- Hannah ensures all personal information remains secure and is handled in accordance with government privacy and information security policies.
Wei is preparing a Cabinet submission on proposed legislative changes. The task involves security classified information, inter-agency consultation feedback, and sensitive policy recommendations. Facing a tight deadline, Wei is considering using public generative AI platforms to help structure and refine the submission.
What should Wei do?
- Wei should not use public generative AI platforms for this task. Instead, Wei should rely on established internal processes, consulting with colleagues and using approved government systems.
- If Wei has access to an enterprise generative AI tool, cleared by the agency to process security classified information, they could consider using this. If Wei is unsure which generative AI tool can handle security classified information, they should consult relevant internal guidance and the IT security team if needed.
- Wei recognises that security classified information must never be entered into public AI tools. This includes information classified OFFICIAL: Sensitive or above, including PROTECTED: CABINET information.
- Wei understands that using public generative AI platforms for this task could compromise security and breach the Protective Security Policy Framework (PSPF).
- Wei ensures the appropriate security classification markings are applied to all documents and follows proper information handling protocols.
River is organising activities for an important First Nations cultural awareness week and wants to include visual elements in internal campaign materials that reflect Indigenous culture. River has access to artwork commissioned by their agency from Indigenous artists for similar purposes in the past. River considers uploading these images – along with other images of Indigenous art found online – to a public generative AI platform to produce new visual content.
What should River do?
- River should not use generative AI tools for this purpose.
- River recognises that generating AI images based on First Nations artwork would be culturally inappropriate. River realises that authentic cultural representation requires genuine engagement with First Nations communities and cannot be replicated through public AI tools.
- River notes that public generative AI platforms may retain uploaded content, which could result in the artwork being reused or incorporated into AI training datasets without the artists’ consent – breaching intellectual property rights, Indigenous data sovereignty and cultural protocols.
- River acknowledges that using AI-generated cultural content could cause harm to First Nations communities by perpetuating stereotypes, misrepresenting sacred or sensitive cultural elements, and contributing to cultural appropriation.
- Instead of using generative AI, River explores commissioning new artwork from First Nations artists or using existing approved materials developed in consultation with community representatives.
- River ensures any cultural materials are developed through proper consultation with First Nations artists, cultural advisors and community representatives, and that intellectual property rights are respected and appropriately acknowledged.
Jamie is reviewing applications for a government grant program. With multiple complex applications to assess against program criteria, Jamie considers inputting application details into a public generative AI tool to help assess which applications meet the funding requirements to recommend for approval.
What should Jamie do?
- Jamie should not use public generative AI tools for this purpose.
- Jamie recognises that grant applications can contain personal details and confidential business information that must not be shared with public AI platforms.
- Jamie acknowledges that government decision-making requires human judgement, accountability, and transparency that cannot be delegated to public AI tools.
- Jamie understands that using public AI tools to make funding decisions could introduce bias, produce inaccurate results, compromise the integrity of the assessment process, and breach privacy obligations.
- Instead, Jamie uses established assessment frameworks and internal IT systems, asks colleagues for peer review, and ensures all decisions are properly documented.
- Jamie maintains the confidentiality of all application information and ensures fair and consistent assessment processes are followed.
Omar is developing technical specifications for a major tender. To ensure the specifications are comprehensive, Omar wants to input the detailed requirements into a public generative AI tool to help identify potential gaps and improve the technical language.
What should Omar do?
- Omar should not use public generative AI tools for this task.
- Omar recognises that tender specifications may contain commercially sensitive information that could provide unfair market advantage if disclosed prematurely through public AI platforms.
- Omar understands that inputting procurement details into public AI platforms could breach the Commonwealth Procurement Rules and compromise the integrity of the tender process.
- Omar avoids using any public AI tools that could inadvertently signal government intentions to potential suppliers or create conflicts of interest.
- Instead, Omar consults internal technical experts and relevant industry standards, and uses approved government procurement resources to develop specifications.
- Omar ensures all procurement activities maintain appropriate confidentiality.

Layers of governance and separation of duties

The levels of governance should generally be minimised, while ensuring there is sufficient separation to avoid conflicts of interest between those doing the work and those governing, and to facilitate escalation paths. Too many layers of governance dilute accountability and can slow down decision-making ^[¹^-^SRO^{], (}¹⁾.

Ownership

In general, membership of the board should be limited to those who have ongoing ownership for the solution and those that will be most impacted by the operation, maintenance, benefits and risk. Similarly, risk and benefit ownership should be assigned to the individuals whose roles are best placed to control risk, and with ongoing ownership of benefits. For example, ownership of benefits should not reside with the delivery manager ^[³^-^DTA^].

Co-design the digital service and its accompanying artifacts

Co-design with users

Involve users throughout the Service Design and Delivery Process to make sure their perspectives, needs and feedback are incorporated into the final service. Encourage shared ownership by co-designing accompanying artifacts, such as tutorials and guides, using language that is meaningful for all.

Consider cohort specific digital inclusion requirements (outlined below)

Tailor your digital service to meet the specific needs of users to promote inclusion and make sure support is provided at the appropriate level. Consider how you will apply the following cohort specific requirements when designing and delivering digital services.

Off

needs alt text — Figure 1. Board membership (lower figure) from multiple organisation units (top figure) 19.

It is important that members of the board are not conflicted in decision-making, for example, an external vendor on a board that makes decisions on the vendor’s scope or payment. To avoid a conflict of interest, external supplier interests could be represented in a separate advisory committee, or represented by internal procurement management, as appropriate to the needs of the project.

People: Core Literacy, Experience and Culture

Corporate boards have moved away from an emphasis on stakeholder representation to skills-based composition. Project boards should also look past stakeholder representation to consider the skills and capabilities that members contribute. Board members should include external members, and be chosen for their authority, expertise, experience, status and connection ⁽¹¹⁾, focusing on people who:

Are authorised to represent the interests of the area they represent;
Can provide necessary resources; and
Are committed to the project outcomes ⁽¹⁰^,²⁸⁾.

Project boards rarely have the time or luxury to be able to develop complete knowledge of all aspects of any project. Some literacies can readily be taught, helping board members know what to look for and the questions to ask. Project board training can help rapidly develop core literacies ⁽¹¹^,²¹⁾. Other board member capabilities are developed through years of experience. We differentiate between SROs’ and board members’ digital project literacies (Table 4), the collective experience the board should contain (Table 5), and the culture, attitude and behaviours that needs to be established for a digital project board to be effective (Table 6).

Core Literacy

Table 4: Foundational literacy all project board members should have
Capability	Description
Benefits and outcomes	Understanding of benefits management processes, and the relationship between outputs and outcomes, benefits and value ⁽²³^,⁴⁰⁾
Communication in the context of change	Understanding the importance of a project narrative, creating a culture of transparency, stakeholder identification, constructive conflict and feedback loops ⁽²⁰⁾
Project management foundations	Understanding of key project management concepts, giving the board the ability to question aspects of the project lifecycle, critical path, earned value, burn rate and baselines ⁽⁵^,¹⁵^,²³⁾

Core Experience

The expertise needed on the Board should be guided by key areas of risk, both enterprise and project delivery.

Table 5: Common expertise requirements for Digital Project Boards
Skills	Description
Business expertise	Understanding of the business, impacts and change required for end users, allowing the board to maintain sight of the business logic of the project ⁽⁵^,¹⁵^,²³⁾
Operations expertise	Understanding of the operational environment to ensure the solution is integrated, maintainable and sustainable within the existing IT applications portfolio ⁽²⁹⁾
Digital project management expertise	Understanding of digital projects, their lifecycle, risks, ideally with experience in a similar type of project (e.g. AI, SAAS, risk tier)
Interpersonal skills and social capital	Strong networks and relationships that support negotiation, decision-making, issue resolution, stakeholder management, effective communication and resourcing ⁽⁵^,²⁸⁾
Digital, data and cyber expertise	Depending on the project type and stage, deep technical expertise may be required
Legal and policy	Depending on the project type and stage, regulatory and policy expertise may be required
Procurement and contract management	Depending on the project type and stage, expertise in procurement and contract management may be necessary
Independence	Balancing the need for vested interests, ensuring there is someone who can view the project and its progress objectively and independently
Supplier expertise	Depending on the project, experience and knowledge of the product, implementation approach and supply chain
Interdependencies	Knowledge of areas the project has interdependencies with, for example, resourcing, systems integration
Employee/customer experience	Expertise in ensuring a solution is well suited to the needs of the users of project deliverables
Change management expertise	Experts in communicating and designing organisational change, reducing resistance and increasing uptake of change
Financial expertise	Depending on the complexity, size, risk and procurement strategy of the project

Culture, Attitude and Behaviours

Table 6: Attitudes and behaviours required on project boards
Culture	Description
Skin in the game	Members should have a genuine interest, commitment and ownership of the project's success ⁽²⁸⁾
Psychological safety	Boards need to foster a no-blame environment where people feel safe with constructive conflict, raising ideas and escalating issues ⁽²³^,⁴¹⁾
"Can do" agency	Board membership is not a passive role. Members should take action to ensure they have the right information to support decisions and proactively identify strategies that enhance project success ⁽²³⁾
Time commitment	Board members often underestimate the time involved. Members must ensure they are suitably informed, attending meetings and prepared to support decision-making ⁽¹¹^,²³^,⁴²⁾
Courage	Courage to stop a project, escalate risks or reset the project if the project does not have sufficient business justification and/or delivery confidence is low ⁽¹^,²⁵⁾
Attendance	Continuity in core board membership facilitates historically informed decision-making. Use of deputies or proxies should be avoided as it signals a lack of commitment, dilutes accountability and can delay decision-making ⁽¹¹⁾. Members should not attend just to report to others ⁽²⁸⁾
Decision expediency	Boards need to make decisions escalated to them in a timely manner, possibly despite incomplete information. Decisions should be clear and prioritise action⁽²³^,⁴³⁾
Value-focused	Boards should suspend self-interest and operate from a position of what is best for the organisation and project, optimising value from the project investment
Empowering	The project board can make the decisions it needs to so that the project is empowered to deliver
Humility	Openness to learning and adaptation – seeking robust advice from independent advisors and project assurance, seeking out lessons learned from similar projects, listening to user and reference groups, acting on recommendations ⁽¹^,⁴⁴⁾