Governance Templates

Ready-to-use document templates for every policy, assessment, matrix, and report referenced across the 43 controls. Copy, customize, and implement.

GOVERN BUILD SECURE DEPLOY MONITOR IMPROVE
GOVERN 5 templates
AI Acceptable Use Policy Policy

Defines permitted AI use cases, prohibited activities, data handling requirements, and approval workflows.
AI Risk Appetite Statement Statement

Documents organizational AI risk tolerance across key categories with thresholds and approval authorities.
RACI Roles & Responsibilities Matrix Matrix

Defines roles and responsibilities across all AI governance activities using RACI assignments.
Vendor/Model Evaluation Scorecard Rubric

Structured evaluation rubric for assessing AI vendors and models across security, privacy, performance, and risk dimensions.
AI Asset Inventory Register Register

Centralized register tracking all AI systems, models, agents, and tools with ownership, risk classification, and status.
BUILD 4 templates
AI Code Review Checklist Checklist

Structured checklist for reviewing AI-generated and AI-integrated code covering security, quality, and compliance.
Human Review Gate Definitions Procedure

Defines mandatory human review checkpoints in the AI development lifecycle with criteria and escalation procedures.
Data Pipeline Validation Test Plan Plan

Test plan for validating AI data pipelines covering data quality, lineage, bias detection, and integrity checks.
Model Selection & Model Card Card

Standardized model card documenting model purpose, capabilities, limitations, performance, and ethical considerations.
SECURE 4 templates
AI Threat Model Assessment

Structured threat modeling template for AI systems covering attack surfaces, threat actors, and mitigation strategies.
Prompt Security Guidelines Guidelines

Security guidelines for writing, testing, and hardening AI prompts against injection, leakage, and manipulation attacks.
Agent Permission Boundary Matrix Matrix

Documents permission boundaries, tool access, and operational limits for each AI agent.
AI Red Team Playbook Playbook

An AI-specific red team engagement playbook with attack scenarios, execution templates, and remediation tracking.
DEPLOY 3 templates
Deployment Readiness Checklist Checklist

A pre-deployment checklist ensuring all security, performance, and governance requirements are met before go-live.
Change Management Request Form Form

A structured change request form for model updates with impact assessment, testing evidence, and approval chain.
SLA & Performance Baseline Document Document

Defines SLA targets, performance baselines, and monitoring thresholds for AI systems.
MONITOR 3 templates
AI Incident Response Plan Plan

An AI-specific incident response plan covering detection, triage, containment, and post-incident review procedures.
KPI/KRI Definitions & Dashboard Spec Spec

Defines key performance and risk indicators for AI governance with targets, thresholds, and dashboard specifications.
Compliance Report Template Report

A quarterly compliance report template summarizing control status, audit findings, incidents, and training completion.
IMPROVE 2 templates
Post-Incident Review Report Report

A post-incident review template with timeline, root cause analysis, corrective actions, and lessons learned.
AI Governance Maturity Assessment Assessment

An AI governance maturity assessment tool with level definitions, domain scoring, gap analysis, and improvement roadmap.