All organisations, regardless of industry and sector, are required to ensure effective governance of core business activities essential to its operation. Some organisations, including government agencies, have stricter public accountability obligations. It can be a complex task to maintain compliance when there are constant changes to technology, processes and organisational structure. The increasing use of AI only adds to the complexity. 

Based on our 25+ years’ experience working with public and private organisations across a broad range of industries, Astral has developed tools to help organisations quickly understand how they are tracking against their governance obligations and the areas where remediation is needed to ensure compliance. We also have extensive experience implementing platforms and services that simply and, in some cases, even automate compliance practices.  

Governance Framework Assessment Tool 

This Tool is designed to assess governance capability and maturity across all business functions. It relies on input from a broad range of roles from across the organisation, not just those that work in the governance function. 

The Tool uses a scoring rubric tailored to the topic against a set of targeted survey questions with the results weighted to align with the industry standards specific to the organisation. Eight compliance capabilities are assessed (see below).  

The Tool aligns with the following: 

• ASX Corporate Governance Principles (Principles 1–7) 

• COBIT 2019 (EDM01–EDM05) 

• ISO 9001:2015 (Management Review, Continuous Improvement) 

• ISO 27001:2022 (Information Security Governance) 

• Corporations Act 2001 

• Government Records Management Standards 

Information Governance Maturity Model 

Astral recognised the need for an Information Governance Maturity Model (IGMM) that aligns with the most recent Information Governance International Standard (ISO 24143). Astral was actively involved in the development of the new Standard, and this IGMM provides a practical and pragmatic approach to the assessment of information governance maturity. 

The IGMM is used to assess an organisation’s current and future/required levels of capacity and capability in relation to the governance, and management of information assets. The focus is on assessing the organisation’s ability to: 

1. Realise business-value and innovation-potential of IP, information and knowledge assets 
2. Minimise risks associated with the security, integrity/quality, availability, and ethical & compliant management of data and information 
3. Enable continuous improvement of person-centred outcomes, especially customer and stakeholder experience of service delivery