A simple (or even complicated but correct) answer would be most appreciated.
That's a challenge, as I am not sure there is such a "correct" answer on this.
While your company is located and doing business in Australia only, the risk is minimal or nil. The EU is not going to sue your company in Australia. The risk suddenly becomes serious if you decide to open a branch in an EU country and you have been breaching the GDPR for a while.
Also, you need to comply with opt-in/opt-out regulation under Australian law, which provides a first level of regulation coverage anyway. I gather (correct me if I am wrong) that you need at least to have an opt-in cookie in place and an email opt-out policy too.
Last, you can use some IP-based country filter for DNT for certain countries, but it is not 100% bulletproof. What about an EU citizen travelling in Australia and connecting to your website? What about people using a VPN to connect to the internet and therefore giving the system a wrong location?
In addition, please discuss with your Legal Counsel.
Australian rules are more restrictive in some cases than GDPR, so you'd effectively comply with most of it by default.