Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Aon has from time to time experienced cybersecurity incidents. In the event of a cybersecurity incident, Aon responds in accordance with our policies, processes, applicable laws and regulations. When necessary, Aon also engages third parties, such as external cybersecurity advisors, to investigate and remediate incidents. To date, the cybersecurity incidents have not had a material impact on our business strategy, results of operations, or financial condition, but we face risks from cybersecurity threats that, if realized, may materially affect us, including our business strategy, results of operations, or financial condition. For additional information regarding the risks from cybersecurity threats, please see the risk factors entitled “We rely on complex information technology systems and networks to operate our business. Any significant system or network disruption due to a breach in the security of our information technology systems could have a negative impact on our reputation, operations, sales, and operating results” and “Improper disclosure of confidential, personal, or proprietary data could result in regulatory scrutiny, legal liability, or harm to our reputation” in Part I, Item 1A of this report.
Aon strives to protect the personal and confidential data of our clients and our colleagues. To do so, Aon engages in a risk-based approach to adopting and implementing technical, organizational, administrative, and physical safeguards for cybersecurity. One key component to safeguard against risks facing Aon’s technology and security is Aon’s enterprise risk management (“ERM”) program. Aon’s management carries out the processes, controls, and practices of the Company’s ERM program, including the identification, assessment, prioritization, and mitigation of cybersecurity risks. Aon uses external service providers, where appropriate, to assess, test or otherwise assist with aspects of its security processes.
The Company’s Board oversees Aon’s ERM program and allocates certain oversight responsibilities to its committees and any sub-committees, as appropriate. The Board has delegated to the Audit Committee the primary responsibility for the oversight of the Company’s ERM program. The Audit Committee also has primary responsibility for the oversight of cybersecurity risk and engages in regular discussion with management regarding cybersecurity and privacy risk mitigation and incident management. Cybersecurity matters are an important focus of our Board’s oversight of risk. The Company’s management, including the Chief Security Officer (“CSO”), regularly presents to the Audit Committee of the Board regarding cybersecurity matters. Members of senior management attend Board and committee meetings to address any questions or concerns raised by the Board related to risk management, including those relating to cybersecurity, and any other matters.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
Aon strives to protect the personal and confidential data of our clients and our colleagues. To do so, Aon engages in a risk-based approach to adopting and implementing technical, organizational, administrative, and physical safeguards for cybersecurity. One key component to safeguard against risks facing Aon’s technology and security is Aon’s enterprise risk management (“ERM”) program. Aon’s management carries out the processes, controls, and practices of the Company’s ERM program, including the identification, assessment, prioritization, and mitigation of cybersecurity risks. Aon uses external service providers, where appropriate, to assess, test or otherwise assist with aspects of its security processes.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
The Company’s Board oversees Aon’s ERM program and allocates certain oversight responsibilities to its committees and any sub-committees, as appropriate. The Board has delegated to the Audit Committee the primary responsibility for the oversight of the Company’s ERM program. The Audit Committee also has primary responsibility for the oversight of cybersecurity risk and engages in regular discussion with management regarding cybersecurity and privacy risk mitigation and incident management. Cybersecurity matters are an important focus of our Board’s oversight of risk. The Company’s management, including the Chief Security Officer (“CSO”), regularly presents to the Audit Committee of the Board regarding cybersecurity matters. Members of senior management attend Board and committee meetings to address any questions or concerns raised by the Board related to risk management, including those relating to cybersecurity, and any other matters.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Company’s management, including the Chief Security Officer (“CSO”), regularly presents to the Audit Committee of the Board regarding cybersecurity matters.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
The Company’s Board oversees Aon’s ERM program and allocates certain oversight responsibilities to its committees and any sub-committees, as appropriate. The Board has delegated to the Audit Committee the primary responsibility for the oversight of the Company’s ERM program. The Audit Committee also has primary responsibility for the oversight of cybersecurity risk and engages in regular discussion with management regarding cybersecurity and privacy risk mitigation and incident management. Cybersecurity matters are an important focus of our Board’s oversight of risk. The Company’s management, including the Chief Security Officer (“CSO”), regularly presents to the Audit Committee of the Board regarding cybersecurity matters. Members of senior management attend Board and committee meetings to address any questions or concerns raised by the Board related to risk management, including those relating to cybersecurity, and any other matters.
In addition, Aon maintains a Global Security Services (“GSS”) organization, led by the CSO, with dedicated security personnel responsible for protecting Aon’s people, property, and information. Aon’s CSO reports to Aon’s Chief Operating Officer and is an experienced technology and cybersecurity professional, with over 20 years’ experience in information security and technology.
The Company’s Global Emergency Operations Center (“GEOC”) serves as a single point of control, coordination, and communication for protecting Aon's people, property, and information. The GEOC is responsible for triage of all incidents pertaining to the confidentiality, integrity, and availability of customer data. The GEOC monitors threat intelligence reporting and receives alerts and reports from Aon colleagues and IT systems. In coordination with the Global Privacy Office (“GPO”) and GSS, the GEOC reports significant cybersecurity incidents to the Cyber Incident Governance Committee (“CIGC”).
The CIGC is comprised of members of management, and is responsible for reviewing significant cybersecurity incidents. The CIGC includes the CSO, the Chief Privacy and Data Trust Officer, and other representatives from the Company’s GPO and GSS, as well as leaders from the Company’s operations, Risk Management, Law & Compliance, Controllership, Internal Audit, and Communications functions. The CIGC reviews and assesses cybersecurity incidents and is responsible for coordinating the mitigation and remediation of such incidents.
The Company regularly conducts security scanning and reviews of regulatory IT controls. Additional security reviews may be triggered in connection with the assessment of new projects, business initiatives or third-party/supplier engagements. The Company’s Internal Audit function follows a risk-based approach to evaluating controls over key enterprise risks, including cybersecurity, as well as compliance with select regulations and corporate policies.
Aon has established a third-party risk governance program that creates guidelines for selecting and managing its suppliers, including assessing their operational capabilities, adherence to the Company’s data security requirements, and technical, organizational, and physical safeguards. Contractual requirements and periodic reviews are designed to promote compliance with Aon’s security requirements. Aon’s GPO and Law & Compliance department work with business units to incorporate appropriate controls into supplier contracts.
Cybersecurity Risk Role of Management [Text Block] The Company’s management, including the Chief Security Officer (“CSO”), regularly presents to the Audit Committee of the Board regarding cybersecurity matters. Members of senior management attend Board and committee meetings to address any questions or concerns raised by the Board related to risk management, including those relating to cybersecurity, and any other matters.
In addition, Aon maintains a Global Security Services (“GSS”) organization, led by the CSO, with dedicated security personnel responsible for protecting Aon’s people, property, and information. Aon’s CSO reports to Aon’s Chief Operating Officer and is an experienced technology and cybersecurity professional, with over 20 years’ experience in information security and technology.
The Company’s Global Emergency Operations Center (“GEOC”) serves as a single point of control, coordination, and communication for protecting Aon's people, property, and information. The GEOC is responsible for triage of all incidents pertaining to the confidentiality, integrity, and availability of customer data. The GEOC monitors threat intelligence reporting and receives alerts and reports from Aon colleagues and IT systems. In coordination with the Global Privacy Office (“GPO”) and GSS, the GEOC reports significant cybersecurity incidents to the Cyber Incident Governance Committee (“CIGC”).
The CIGC is comprised of members of management, and is responsible for reviewing significant cybersecurity incidents. The CIGC includes the CSO, the Chief Privacy and Data Trust Officer, and other representatives from the Company’s GPO and GSS, as well as leaders from the Company’s operations, Risk Management, Law & Compliance, Controllership, Internal Audit, and Communications functions. The CIGC reviews and assesses cybersecurity incidents and is responsible for coordinating the mitigation and remediation of such incidents.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The Company’s management, including the Chief Security Officer (“CSO”), regularly presents to the Audit Committee of the Board regarding cybersecurity matters. Members of senior management attend Board and committee meetings to address any questions or concerns raised by the Board related to risk management, including those relating to cybersecurity, and any other matters.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Aon maintains a Global Security Services (“GSS”) organization, led by the CSO, with dedicated security personnel responsible for protecting Aon’s people, property, and information. Aon’s CSO reports to Aon’s Chief Operating Officer and is an experienced technology and cybersecurity professional, with over 20 years’ experience in information security and technology.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
The Company’s Board oversees Aon’s ERM program and allocates certain oversight responsibilities to its committees and any sub-committees, as appropriate. The Board has delegated to the Audit Committee the primary responsibility for the oversight of the Company’s ERM program. The Audit Committee also has primary responsibility for the oversight of cybersecurity risk and engages in regular discussion with management regarding cybersecurity and privacy risk mitigation and incident management. Cybersecurity matters are an important focus of our Board’s oversight of risk. The Company’s management, including the Chief Security Officer (“CSO”), regularly presents to the Audit Committee of the Board regarding cybersecurity matters. Members of senior management attend Board and committee meetings to address any questions or concerns raised by the Board related to risk management, including those relating to cybersecurity, and any other matters.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true