eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1laWQiOiJhNDdhNDlmZS03MGQwLTQwNTYtODA1Ni04ODgyZmU3MzZiMWQiLCJyb2xlIjoiQXBpVXNlciIsIm5iZiI6MTc4MjI0NTk5OCwiZXhwIjoxNzgyMjQ3MTk4LCJpYXQiOjE3ODIyNDU5OTgsImlzcyI6Imh0dHBzOi8vd3d3Lm1pbnRlcmVsbGlzb24uY29tL3Blb3BsZS9kYXZpZC1kb3JuYnJhY2siLCJhdWQiOiJodHRwczovL3d3dy5taW50ZXJlbGxpc29uLmNvbS9wZW9wbGUvZGF2aWQtZG9ybmJyYWNrIn0.lEsyEwSG2TbHrUNeQKlhG0OhKLQZO8dc8T1cN2Tbfsg
https://www.minterellison.com/people/david-dornbrack
CLOSE
CONTACT US Search Minter Ellison
David Dornbrack
Senior Director
In my role as a Lead Auditor, I can guide organisations in understanding the intent of the ISO/IEC 42001 standard, translating it into clear, workable requirements, for their AI system(s). My broad experience across numerous other standards, certifications and frameworks, including ISO/IEC 27001, PSPF, IRAP and TOGAF positions me to be able to provide practical, grounded advice.

I am a Senior Director specialising in AI governance, cyber security, and systems assurance within complex government and regulated‑industry environments. I bring together deep technical experience, decades of leadership across public‑sector digital assurance, and practical insight into operational risk, policy design, and technology-enabled transformation.

I advise clients on AI trust, safety, and assurance frameworks; systems‑of‑systems analysis; strategic risk approaches aligned with national security expectations; and the application of emerging regulatory frameworks such as ISO/IEC 42001 and ISO/IEC 27001. I work closely with executives, boards and program owners to design clarity-focused assurance strategies that reduce complexity, increase accountability, and enable safe adoption of advanced technologies.

Before joining MinterEllison, I held senior roles across defence, government oversight functions, and technology assurance practices. My background includes modelling complex systems, leading technology audits, and developing methodologies for risk assessment in high‑assurance environments. I have worked extensively on improving authorisation pathways for government systems, driving consistency, and reducing cost by establishing reusable component‑based assurance models.

Career highlights

  • Leading Federal Government agencies in strengthening PSPF implementation, AI‑related risk management and system authorisation, providing practical, business‑aligned guidance rather than narrow compliance‑driven interpretations.
  • Building highly-respected assurance and cyber‑risk practices — including establishing multi-million dollar System Authorisation and Pen Testing capability – and advised major agencies through complex, high‑value security programs.
  • Shaping national cyber‑assurance policy by contributing to Australian Signals Directorate's redesign of the IRAP Policy and Procedures during the program’s suspension, helping establish the modern IRAP framework used across government.
  • Auditing and advising Services Australia and other large agencies on security posture and safe adoption of emerging technologies, including assessment of Microsoft Copilot and IBM Watsonx against ASD’s ISM system‑authorisation requirements.
  • Guiding agencies such as AFMA, RailCorp and Services Australia through enterprise and security architecture uplift, PCI‑DSS gap assessments, ISO27001 certification pathways and ISMS operationalisation using continuous‑improvement methods.
  • Developing the alternate System‑of‑Systems assurance model authorisation approach, enabling agencies to meet the PSPF requirement to “authorise all systems prior to deployment” through reusable, component‑level assurance.
  • Conducting strategic PCI-DSS audits across for financial institutions, delivering clear, pragmatic, and actionable yet balanced recommendations aligned to organisational business goals.
  • Applying rigorous analytical and engineering expertise gained as a defence researcher at the National Institute of Defence Research, modelling helicopter structures using Finite Element Methods to support defence capability development.

 

© 2026 MinterEllison