Praxis Cyber Resources
Resources
Practical guides, checklists and trusted sources for AI governance, cyber assurance, security testing and control uplift.
Use this hub to ask better questions before adopting AI, starting an ISO pathway, testing exposed systems or improving day-to-day security controls.
AI governance
Resource hub
Guidance sorted by decision, risk and practical next step.
AI governance
Readiness, vendor review, AI app security
Cyber assurance
Risk, ISO pathways, audit evidence
Security testing
Web, API, vulnerability and GenAI signals
Control uplift
Identity, M365, data protection and policies
Practical Praxis Cyber guides
Simple resources for better security and AI decisions
Simple resources to help organisations ask better questions before adopting AI, starting an ISO pathway or uplifting security controls.
AI Readiness Checklist
Practical questions to ask before adopting Copilot, ChatGPT, Gemini or AI-enabled SaaS.
AI Governance
Coming soon
AI Tool & Vendor Review Checklist
Review data use, access, retention, subprocessors and approval conditions before rollout.
Vendor Review
Coming soon
AI App & Agent Security Checklist
Key risks to check across prompt injection, data leakage, excessive agency and tool access.
AI Security
Coming soon
Cyber Risk Assessment Guide
A simple way to turn security gaps into priorities, owners and next steps.
Cyber Assurance
Coming soon
ISO 27001 Readiness Starter Guide
What to prepare before starting an ISMS or certification pathway.
ISO 27001
Coming soon
ISO 42001 Readiness Starter Guide
How to start thinking about AI management system scope, risk and evidence.
ISO 42001
Coming soon
Latest signals worth watching
Current themes shaping AI governance, cyber risk and security assurance
These signals are useful prompts for leadership, security and technology teams planning governance, assurance and control uplift.
AI adoption is outpacing governance
Australian guidance is moving toward practical AI guardrails, accountability, risk management and responsible adoption.
AI guidance
Read source
AI-related breaches are now showing up in breach reporting
IBM’s 2025 research highlights the AI oversight gap, including weak AI access controls and missing AI governance policies.
IBM 2025
Read source
Cybercrime continues to hit Australian organisations
ASD’s 2024-25 report shows cybercrime reports, business costs and incident response remain major concerns for Australian organisations.
ASD ACSC
Read source
AI application security risks are becoming clearer
OWASP’s 2025 GenAI Top 10 highlights risks such as prompt injection, sensitive information disclosure and excessive agency.
OWASP
Read source
Standards and frameworks
Trusted sources we reference when turning guidance into action
These frameworks help structure AI governance, cyber assurance and security testing conversations so recommendations are defensible and practical.
AI Governance
Australian Voluntary AI Safety Standard
NIST AI Risk Management Framework
ISO 42001
OWASP GenAI Top 10
Cyber Assurance
ASD Annual Cyber Threat Report
Essential Eight
NIST Cybersecurity Framework 2.0
ISO 27001
Security Testing
OWASP Web Top 10
OWASP API Security Top 10
OWASP GenAI / LLM Top 10
How to use these resources
Use guidance as a path from awareness to action
A useful resource should help teams move from reading to evidence-backed decisions, owners and uplift work.
Learn
Understand the current guidance, risks and terminology.
Assess
Compare the guidance against your organisation’s tools, data, controls and risks.
Act
Turn the findings into owners, priorities, policies, control uplift and evidence.
Need help turning guidance into action?
Resources are useful, but every organisation has different tools, risks, data, people and priorities. Praxis Cyber helps turn guidance into a practical roadmap, control uplift plan or readiness pathway.
Book a Readiness Call