This executive roundtable brings senior government leaders together to unpack how to govern AI in the pipeline: who controls the data, the model, and the audit chain when AI generates code in a citizen-facing service — and what platform consolidation, sovereignty and agentic controls need to look like in practice.

Date: Tuesday, 4 August
Start: 11.45am arrival (12pm seated)
Finish: 2.00pm
Venue: Napier Room, Kimpton Margot Sydney
Address: 339 Pitt Street, Sydney 2000

Your Speakers

Narelle Underwood

Narelle Underwood
Executive Director Digital Strategy, Sourcing & Assurance
Digital NSW | Department of Customer Service

Andrew Haschka

Andrew Haschka
Field Chief Technology Officer
GitLab


Why Attend

  • Strengthen executive control over AI-enabled delivery: Leave with a clear governance framing for AI in software delivery that translates into controls you can ask for and measure.

  • Reduce compliance and security risk in citizen-facing services: Understand where AI creates new failure modes in the pipeline — and the mechanisms that prevent them.

  • Align engineering, security and policy on a practical path forward: Take away shared language and decision points that help teams coordinate without slowing delivery.

 

Strategic Context

Across NSW, multiple policy and risk signals are converging on the same executive reality: AI is being used in day-to-day engineering, security and delivery workflows faster than governance models can keep up. The NSW AI Assessment Framework, evolving privacy expectations around automated decision-making, and the state’s cyber priorities collectively raise the stakes on provable controls — not just intent — when AI touches code, deployment decisions, and service outcomes. For leaders accountable for citizen-facing services, the question is no longer “are we using AI?”, but whether the organisation can evidence control, auditability, and compliance across the delivery chain, without slowing delivery or fragmenting the platform further.

Key discussion points:

  • Define what “governed AI in the pipeline” actually means: Establish the minimum control set leaders should expect across source, build, deploy and operations when AI is involved.

  • Protect sovereignty and accountability (data, model, audit chain): Clarify how to maintain demonstrable oversight of data access, model behaviour, and decision trails in secure environments.

  • Operationalise compliance without killing delivery: Identify practical patterns that enable engineering teams to move fast and meet regulatory/cyber expectations (guardrails, not theatre).

  • Make platform decisions that reduce risk at scale: Explore where consolidation, standardisation, and agentic controls reduce exposure and improve assurance across teams.