A serious data breach does not automatically mean governance failed.
The more important question is whether an organisation can demonstrate that it understood the risks, assessed the third party, monitored its controls and responded effectively when something went wrong.
The OAIC’s report into the 2025 Qantas data breach provides a valuable example.
What happened?
The breach affected approximately 5.12 million Australians after a threat actor used phone-based social engineering to deceive an employee of an overseas contact centre provider.
Despite the scale of the incident, the OAIC’s preliminary inquiries did not identify evidence suggesting Qantas had failed to take reasonable steps to protect personal information or oversee its third-party provider.
That matters—not because Qantas prevented the incident, but because it could demonstrate an active system of third-party governance.
What Qantas could demonstrate
Before the breach, Qantas had:
- assessed the provider before onboarding
- conducted cyclical supplier audits
- recently completed an onsite security assessment
- assessed technical, operational, privacy and data governance controls
- required recurring cyber and privacy training
- tracked and reported training completion
- established contractual privacy and security obligations
- maintained audit rights
- implemented role-based access controls
- operated data retention and deletion processes.
Qantas could therefore produce evidence that it had continued to assess the provider after the contract was signed.
This is more meaningful than relying on a supplier questionnaire, compliance certificate or contractual promise.
The lesson for third-party risk management
Ongoing assessment cannot guarantee that a breach will never occur. It can demonstrate that the organisation took reasonable steps to understand and manage the risk.
A mature third-party assessment should ask:
- Are the expected controls operating effectively?
- Has the supplier’s risk profile changed?
- Have staff completed required training?
- Are access permissions still appropriate?
- Is personal information being retained only while needed?
- Have identified weaknesses been addressed?
- What is our current level of comfort in the controls?
This creates a defensible history of what the organisation knew, what it assessed and what actions it took.
The direct connection to AI
The same approach is essential when third parties provide AI models, platforms or AI-enabled services.
AI providers can change their models, data practices, subprocessors, security arrangements and system capabilities after the initial assessment. A product that was appropriate when approved may operate very differently six months later.
The OAIC’s guidance on commercially available AI products explicitly warns against a “set and forget” approach. Organisations should regularly review product performance, staff training and monitoring throughout the AI lifecycle.
Ongoing AI supplier assessments should examine:
- what personal or sensitive information the system accesses
- whether inputs or outputs are used to train models
- where data is processed and retained
- whether new subprocessors or external tools are involved
- whether changes affect the approved use case
- whether outputs remain accurate and reliable
- whether human oversight is operating
- whether security incidents and weaknesses are addressed.
This becomes even more important with agentic AI, where systems may access data, interact with external tools or initiate actions with limited human direction.
The governance takeaway
The OAIC’s report does not give Qantas a blanket endorsement, nor does it conclude that every control was perfect.
It does, however, show the value of continuing to assess third-party performance and retaining evidence of that oversight.
The objective is not to claim that a supplier is risk-free. It is to understand whether its controls continue to operate effectively—and to be able to prove it when it matters.

