Independent assurance for AI systems.

Independent review of AI systems for New Zealand government and enterprise — human oversight, algorithmic risk, and operational integrity, assessed by people who don’t build, sell, or run the models.

AI is being deployed faster than it’s being assured.

The Government’s Public Service AI Work Programme is standing up an assurance model and toolkit for AI in the public sector. The Responsible AI Guidance for the Public Service: GenAI sets explicit expectations across governance, accountability, transparency, bias, privacy, and Māori, Pacific Peoples and ethnic communities. Most agencies and enterprises are shipping AI features faster than they’re producing the evidence to back them up. AI systems assurance closes that gap with audit-grade independent review.

What we assess

Three lenses on every AI system we review — from chat assistants to decision-support models to embedded automation.

Human oversight

Where can a person intervene, override, or stop the system? We trace the actual decision pathway from input to output — and confirm an accountable human is in the loop where the framework says they have to be.

Algorithmic risk

Bias, hallucination, drift, prompt injection, data leakage. We probe the model with realistic inputs — including adversarial ones — and quantify how often it gets things wrong in ways that matter.

Operational integrity

Logging, monitoring, model versioning, rollback, incident response. The boring infrastructure that turns an AI demo into a system you can run safely — and prove you ran safely.

What you walk away with

  • Independent assurance report — findings, risks, and recommendations a board or minister can act on.
  • Risk-ranked findings register — every issue scored on likelihood and impact, with evidence attached.
  • Mapping against the Responsible AI Guidance — your system, side-by-side with the public service guidance areas it touches: governance, accountability, transparency, bias, privacy, accessibility, and Māori, Pacific Peoples and ethnic communities.
  • Remediation roadmap — prioritised, sequenced, costed at a level you can take into governance.
  • Executive readout — optional briefing for the board, steerco, or accountable executive responsible for the system.

Who it’s for

Organisations deploying AI where a wrong answer carries real consequences — for citizens, customers, or the public purse.

Public sector agencies

Agencies working under the Responsible AI Guidance and the Public Service AI Work Programme — needing the kind of independent evidence the new Government Digital Delivery Agency (GDDA) is signalling, as it embeds integrated standards and assurance practices across the public service.

Regulated industries

Banks, insurers, telcos, and health providers using AI in decisions that touch customers, payments, or clinical outcomes — where regulators are already asking what good assurance looks like.

Boards and accountable executives

Directors and senior leaders who carry the personal accountability when an AI system gets it wrong — and need an independent view of whether their teams have actually de-risked it.

Why Resync

Three reasons your AI assurance work gets a straight answer, not a sales pitch.

Truly independent

We don’t build the AI. We don’t sell the models. We don’t run the platforms. Our only loyalty is to whether your system does what you say it does — safely and lawfully.

AoG procurement-ready

An All-of-Government Marketplace approved supplier. Engaging Resync sits cleanly inside the modern digital procurement models the GDDA is delivering with the supplier market.

Local and Māori-owned

A New Zealand-owned, Māori-owned consultancy. Decisions get made here, with you — relevant when AI work touches cultural data, te reo, or the considerations the Responsible AI Guidance flags for Māori, Pacific Peoples and ethnic communities.

Scoped to your system

Every assurance engagement is scoped to the system you’re deploying — the model, the data it touches, the decisions it influences, the guidance you answer to. We agree scope, duration, and deliverables up front, and run a pre-deployment review or continuous assurance pattern depending on what your governance actually needs. Closely related to our broader independent QA Audit service — many engagements combine the two.

Frequently asked questions

What programme directors, accountable executives, and procurement leads ask us before an AI systems assurance engagement.

Who provides independent AI assurance in New Zealand?

Resync is a New Zealand-owned, Māori-owned independent QA consultancy and All-of-Government Marketplace approved supplier providing AI systems assurance across the public service and regulated industries. We don’t build, sell, or run AI systems — so our assurance work has no commercial conflict with the technology we’re reviewing.

What does an AI systems assurance review cover?

We assess three lenses on every AI system: human oversight (where and how accountable people can intervene), algorithmic risk (bias, hallucination, drift, prompt injection, data leakage), and operational integrity (logging, monitoring, versioning, rollback, incident response). Findings are mapped against the public sector’s Responsible AI Guidance and delivered as a board-ready report.

How does this relate to the Government’s Public Service AI Work Programme?

The Public Service AI Work Programme is standing up a Public Service AI assurance model and toolkit, with the new Government Digital Delivery Agency (GDDA) embedding integrated standards and assurance practices across the system. Resync’s independent assurance gives agencies the evidence and external view that complements those internal frameworks — particularly useful where you need a perspective that isn’t from inside your own delivery team.

What’s the difference between AI assurance and a standard QA audit?

A standard QA audit reviews how well your testing process exercised your software. AI systems assurance extends that with model-specific concerns: prompt and adversarial robustness, fairness across cohorts, explainability for affected individuals, and the cultural and Treaty considerations the Responsible AI Guidance highlights for Māori, Pacific Peoples and ethnic communities. Many engagements combine both.

Can Resync assure AI systems that touch te reo Māori or tikanga?

Yes. As a Māori-owned consultancy, this is a genuine differentiator rather than a values statement. Our team works with agencies on the considerations the Responsible AI Guidance flags for Māori, Pacific Peoples and ethnic communities — including cultural data handling, language model evaluation in te reo, and engagement with iwi or Māori advisory groups where the system warrants it.

Book a 30-minute conversation with an AI assurance lead.

We’ll review the AI system you’re deploying — or about to deploy — and tell you what an independent assurance review would surface. Free, no obligation, no sales pitch.