Opti Assist Free gives organisations a governed alternative to ChatGPT at no charge, on Australian-hosted infrastructure
AI security and compliance specialist ORCA Opti has today announced the release of Opti Assist Free, a no-cost, sovereign AI governance assistant built for regulated Australian organisations.
The launch is the company’s response to the rapid expansion of “shadow AI” inside Australian workplaces, and the widening gap between how employees are using AI and what regulators now expect from their employers.
Also Read: AiThority Interview with Matej Bukovinski, Chief Technology Officer at Nutrient
New research from Josys shows more than one-third of Australian professionals have already exposed sensitive company data to AI platforms, most of it through personal accounts on tools their employer cannot see or control.
With generative AI adoption now outpacing the governance around its use, the risk horizon with respect to sovereign data and the emigration of confidential information is growing rapidly.
Opti Assist Free is designed to address this issue in a number of ways. The solution runs on Australian infrastructure, does not send user inputs to third-party AI providers, and does not train on customer data. Organisations sign up with a Microsoft 365 work or school email account, no credit card, no procurement approval, no trial period.
Each user receives enough free credits to run multiple queries, create documents and policies in a secure environment, and run a structured compliance gap analysis against the frameworks that matter most to Australian organisations, including ISO 27001, Essential Eight, DISP, NDIS Practice Standards, ISO 42001, PSPF and DSPF. Free users also get access to ORCA Opti’s specialist industry agents.
The output is a nine-section readiness report, scored from 0 to 100 across each compliance domain, with gaps rated by severity, prioritised remediation steps, and audit-ready language.
“A DISP readiness report at this level of detail used to cost around $5,000 and take three weeks,” said Kathryn Giudes, Founder and Managing Director of ORCA Opti.
“We’re giving it away for free, on sovereign infrastructure, and it takes about fifteen minutes. Every Australian organisation deserves to know where they stand on compliance. Cost and complexity shouldn’t be the barrier, and neither should sending the answers to an overseas tech company.”
At a glance, Opti Assist Free includes:
- Sovereign Australian-hosted infrastructure, with no data sent outside your ‘safe zone’; no information to third-party AI providers and no training on user inputs.
- Compliance gap analysis and scored readiness reports against ISO 27001, Essential Eight, DISP, NDIS Practice Standards, ISO 9001, ISO 42001, PSPF and DSPF, and more.
- Specialist industry agents covering compliance, governance, AI automation and sector-specific regulation, personalised to each organisation at onboarding.
- 100,000 OO Credits per month, sufficient for everyday queries, gap analyses and report generation.
- Easy, free Microsoft 365 work or school account email sign-up.
- A clear upgrade path to paid Opti Assist and Opti Core tiers for additional users and governed business administration works.
The Scale, Risk and Consequences of Unmanaged AI
The launch follows a recent presentation by Giudes at the 2026 Sunshine Coast Cybersecurity Conference, “SunCon”, documenting the scale of unmanaged AI use inside Australian workplaces.
Cyberhaven data shows 85.7 per cent of knowledge [office] workers now use AI at work, 72.8 per cent of them on personal accounts, and that 83.8 per cent of enterprise data flowing into AI tools is going to platforms classified as high or critical risk. Eleven per cent of what employees paste into those tools is confidential and should not be there.
The consequences of such risks has already come to fruition in some cases. In March 2026, a single contractor exploited a known vulnerability in McKinsey’s internal AI chat assistant and extracted 46.5 million confidential conversations referencing 728,000 client files in two hours.
In 2023, Samsung engineers pasted proprietary semiconductor source code into the consumer version of ChatGPT within seven days of lifting an internal ban. That data entered the model’s training pipeline and cannot be removed, ever.
Australian regulators have responded. The Office of the Australian Information Commissioner’s October 2024 guidance made organisations directly accountable for any personal information employees enter into commercial AI tools, including ChatGPT, Copilot and Gemini.
Privacy Act reforms passed the same year lifted maximum penalties for serious breaches to the greater of $50 million, three times the benefit obtained, or 30 per cent of adjusted turnover.
The Australian Signals Directorate’s March 2026 update to the Information Security Manual introduced its first formal AI-specific controls, and Australia’s Voluntary AI Safety Standard set out ten guardrails covering transparency, accountability, human oversight and data governance.
In February 2025, the Australian Government also banned DeepSeek from all federal devices under Direction 001-2025, citing foreign-government access risk.
“Banning ChatGPT did not work for Samsung, JPMorgan or Apple, and it will not work for an Australian council, hospital or defence supplier either,” said Giudes.
“The lesson was never ‘ban AI’. The lesson was ‘ungoverned AI is the risk.’ Regulators have accepted that AI is inevitable. What they will not accept is that organisations can no longer say where their data went, who used it, or which foreign model is now trained on it. That is the visibility gap.
“Opti Assist Free is how we close it, not by banning AI, but by giving people a version of it they can safely say yes to.”
Opti Assist Free is targeted at the organisations most exposed to the current visibility gap: professional services firms, healthcare providers, NDIS operators, financial services, government suppliers, defence industry participants and research institutions that operate under frameworks such as ISM (Essential 8), ISO 9001 Quality Management, ISO 27001 Information Security management, or PSPF, DSPF under DISP, but lack the in-house capacity of a large enterprise security team.
The product is the entry point to ORCA Opti’s broader governed AI stack. Organisations that need more than one user, additional credits, deep research, automated workflows or full governance, risk and compliance tooling can upgrade through paid Opti Assist and Opti Core tiers, all built on the same sovereign architecture.
“This is so much more than a modern agent,” said Giudes. “It’s a governed AI environment, with a compliance assessment built in. That is the version of AI Australian organisations have been waiting for. Not only does ORCA keep the privacy and security guardrails, it also enables real-time ESG, anti-slavery reporting and simplifies self-reporting requirements.”
Opti Assist Free is available now for anyone with a Microsoft 365 work or school account at http://www.orcaopti.ai/free.
ORCA Opti is the governed AI and compliance platform built for regulated Australian organisations. Founded in 2024 and headquartered in Brisbane, ORCA Opti runs inside Microsoft 365 on sovereign Australian infrastructure, giving teams a safe way to operationalise AI while continuously measuring compliance posture against the standards their industry runs on.
Also Read: AI systems – Interoperable AI systems: Connecting models across platforms
[To share your insights with us, please write to psen@itechseries.com]
Comments are closed.