Perth, Australia

Compliance Consulting in Perth.

Compliance Consulting in Perth — built for the mining sector that drives the region. Compliance work that does not bury your engineering team — ISO 27001, SOC 2, Essential Eight and NIST CSF mapped to controls you actually run, not parallel paperwork.

Book a scoping call All locations
Median time-to-certification under 6 months — across Basalt operations in the past 12 months.
THREAT VECTOR

Threats facing Perth mining.

The mining, energy, defence concentration around Perth sees OT/SCADA on remote sites, satellite-link interception and contractor identity sprawl. Our compliance consulting work in WA is scoped against this real threat profile, not a generic checklist.

Common pains

  • Frameworks treated as paperwork rather than control programs
  • Evidence collection eating engineering time
  • Audit findings reappearing year after year
ENGAGEMENT

How we engage.

  • Gap assessment against your target framework
  • Control implementation roadmap with effort estimates
  • Evidence automation against your existing systems
  • Mock audit and remediation cycle

Reporting

Every finding ships with a control reference against ASD Essential Eight and SOCI Act, with ACSC guidance cited where it changes the remediation priority. Board reporting follows the APRA CPS 234 expectation set.

LOCAL CONTEXT

Local context.

Basalt delivers compliance consulting to organisations across Perth and the wider WA region (population ~2.2M). The mining, energy, defence sectors that anchor the region face a distinct threat profile — OT/SCADA on remote sites, satellite-link interception and contractor identity sprawl — and our engagements are scoped to that, not a generic playbook. Reporting maps cleanly to the ASD Essential Eight and SOCI Act that Australian boards already use, with regulator context (ACSC) called out where it changes a remediation priority.

RATIONALE

Why Basalt for compliance consulting in Perth.

Decision-first scoping

Before a single test runs, we agree the decision the output will change — invest, divest, accept, fix. Perth engagements without a named decision-maker don't get past scoping. That discipline keeps work focused.

Regulator-ready output

Every finding is tagged against ASD Essential Eight and SOCI Act controls with ACSC guidance cited where it shifts a remediation priority. Your compliance team stops re-mapping our reports.

Continuous, not one-shot

Compliance Consulting doesn't end at the report. Basalt's Perth clients run retainer reviews on a quarterly cadence so the security posture compounds rather than drifting back six months after the engagement.

2026 THREAT LANDSCAPE

What we test for.

  • Agentic AI tool-abuse and indirect prompt injection at scale
  • MCP server and AI-tool supply chain compromise
  • Post-quantum cryptographic readiness (NIST PQC migration)
  • Identity-first attack chains across federated SaaS
  • Open-source software supply chain (post-xz, post-tj-actions)

Cyber security in Australia can't be done with last year's threat models. The Basalt practice runs against current attacker tradecraft — agentic AI abuse, MCP and AI-tool supply chain, post-quantum readiness — alongside the legacy infrastructure work that still keeps most organisations awake at night.

FAQ

Frequently asked questions.

How fast can Basalt start a compliance consulting engagement in Perth?

Most Perth engagements scope inside one week and start within two. Retainer clients can trigger work the same day. We do not pipeline Australian clients through junior teams — a senior consultant scopes and runs the work end-to-end.

Do you do compliance consulting on-site in Perth or remote?

Both. Sensitive work — classified-adjacent environments, live incident response, OT walkthroughs — gets on-site time in Perth and the wider WA region. Routine assessments and detection engineering run remote with a tight feedback loop.

How does Basalt map findings to Australian regulators?

Every finding ships with a control reference against the ASD Essential Eight and SOCI Act so your compliance team is not re-mapping our report. Where ACSC guidance exists for the specific finding, we cite it inline. Board-level reporting follows the APRA CPS 234 expectation set.

What makes compliance consulting in Perth different from a generic engagement?

The mining sector concentration in Perth drives a different threat model than a generic Australian engagement — OT/SCADA on remote sites, satellite-link interception and contractor identity sprawl. Our scoping reflects that, and so does the test library we bring to the work.

Is Basalt set up for AI-era threats, not just legacy infrastructure?

Yes — this is core to how we work. Basalt actively researches and tests against agentic AI tool-abuse and indirect prompt injection at scale, MCP server and AI-tool supply chain compromise and identity-first attack chains across federated SaaS. Most regional providers haven't mapped these attack paths; we run them in production against client systems with explicit scope.

RELATED OPERATIONS

Other operations in Perth.

Cyber Security Consulting in Perth

Strategic cyber security consulting

Explore →

AI Red Teaming in Perth

Adversarial testing for LLMs and AI systems

Explore →

Penetration Testing in Perth

CREST-aligned penetration testing

Explore →

Code Security Audit in Perth

Source code review and SAST/DAST integration

Explore →

OTHER DEPLOYMENTS

Compliance Consulting in other Australia cities.

Compliance Consulting in SydneyCompliance Consulting in MelbourneCompliance Consulting in BrisbaneCompliance Consulting in AdelaideCompliance Consulting in Gold CoastCompliance Consulting in NewcastleCompliance Consulting in CanberraCompliance Consulting in WollongongCompliance Consulting in HobartCompliance Consulting in GeelongCompliance Consulting in TownsvilleCompliance Consulting in Cairns

One short call, no pitch deck.30 minutes with a senior operator. You leave knowing whether compliance consulting is the right next move for your Perth team.

Get on the calendar