Blog

Claude Code and Claude Cowork Come to Government: What It Signals for Australian Public Sector AI

July 2026 · 6 min read · Industry Guide

Line illustration of a government building beside a terracotta security shield with a tick
← Back to all posts

Anthropic has put Claude Code and Claude Cowork into public beta inside Claude for Government Desktop, running in a FedRAMP High authorised environment. It is a United States announcement, not an Australian one. For anyone selling to, or working inside, Australian government, the shape of the release matters more than the jurisdiction it landed in. It answers the three questions procurement teams here keep asking about agentic AI: can we authorise it, can we audit it, and can we control what it costs.

What Anthropic actually shipped

The release brings both products into the same desktop application commercial customers already use, delivered through an environment that carries FedRAMP High authorisation. The detail worth reading closely is the governance layer, not the model.

  • Claude Code gives public-sector engineering teams an agent that can build and modernise the software behind public services, from ageing legacy systems to new digital front doors.

  • Claude Cowork works directly with files on the desktop, so staff hand over memo drafting, RFP reviews, casework and briefing decks instead of starting from a blank page.

  • Administrators set configuration defaults and allocate spending across departments, and security teams get tamper-evident audit logs plus documentation that supports the agency authorisation process.

None of that is glamorous. It is also exactly what has been missing. The model has been good enough for public-sector work for a while now. The controls around it were the blocker.

Why FedRAMP High is the part Australian buyers should notice

FedRAMP High is a US control baseline, and it does not transfer to Australia. Our equivalents are the Information Security Manual, the IRAP assessment process and the Essential Eight. What carries across is the pattern: a vendor has taken a general-purpose AI product and wrapped it in the assurance scaffolding a regulated buyer needs before they can say yes. That is the same scaffolding a NSW agency or a Commonwealth department asks Automata AI about in the first meeting.

For a long time the honest answer to public-sector teams was that agentic AI was impressive in a demo and unauthorisable in production. A move like this narrows that gap. It does not close it in Australia, and it would be wrong to imply otherwise, but it shows the direction of travel and gives local buyers a concrete reference point to push their own vendors toward.

The three questions Australian agencies actually ask

Across the public-sector and regulated conversations we have in Sydney and interstate, the same three questions come up before anyone talks about use cases at all.

  • Can we audit it? Every action an agent takes needs a tamper-evident record a security team and an authorising officer can review after the fact. The audit logs in this release speak directly to that requirement.

  • Can we control the spend? An agent that runs dozens of parallel tasks is powerful and easy to lose track of financially. Department-level allocation and spend controls turn an open-ended bill into a managed budget line.

  • Where does the data go? Desktop file workflows keep more of the work on infrastructure the agency already controls, which is often the difference between a pilot that clears review and one that stalls in it.

A sense of scale

The public-sector proof point already exists. The Government of Alberta ran more than 50 parallel Claude Code agents across a codebase of roughly 466 million lines to find and fix issues at a scale no manual team could reach. That is the kind of number that changes how a chief information officer thinks about legacy modernisation.

The economics scale down as well as up. A mid-sized policy or digital team of a dozen people might spend on the order of $6,000 a month on Claude seats, set against the contractors and overtime that manual document and code work currently absorbs. A single stalled procurement, or a security review that has to be re-run, can cost far more than that across a quarter. The question for an Australian agency is rarely the licence fee. It is whether the work clears governance.

What this does not mean yet

This is a United States release inside a US authorisation boundary. There is no Australian government certification implied here, and anyone positioning it locally should verify current availability and authorisation status from the source before making a claim. The useful reading is not that Claude is now approved for Australian government. It is that the assurance features Australian buyers need are now first-class parts of the product, which is a far stronger starting point than it was twelve months ago.

Where Australian teams and their vendors go next

  • If you run technology inside government, treat this as a prompt to map Claude Code and Cowork against your ISM controls and Essential Eight posture, rather than against a US baseline that does not apply.

  • If you sell into government, the winning message is not certification you do not hold. It is auditability, spend control and desktop-file workflows, framed against IRAP and the ISM in plain language.

  • Either way, start with one bounded workflow that has a clear owner and a measurable before-and-after, not an agency-wide rollout that no security team will sign.

We help Australian public-sector teams, and the vendors who serve them, work out which Claude workflows can realistically clear governance and which are still a year early. If that question is on your desk, book a brainstorm and we will map it against your controls.

Ready to move from AI pilot to production?

We help mid-market Australian businesses deploy AI automations that actually reach production and deliver measurable ROI.