Skip to main content
Reach Out

Define the Rules Before You Deploy.

One checklist per AI workflow. Fill it out with your team, get it signed off by the right people, and keep it on file. These are the guardrails that prevent a good system from becoming a governance problem.

How to Use This Checklist

  1. Complete one checklist per AI workflow. Reuse for each new deployment — do not share a single checklist across multiple workflows.
  2. Fill in the owner and notes fields for every item. A checked box without an assigned owner provides no accountability.
  3. Get the sign-off. All three stakeholders in Section 6 must sign before a workflow goes live. That is the point of the document.
  4. To file or share it, use the Print / Save as PDF button. Store the signed copy alongside your Intent Document.
Items confirmed
0 / 24
Section 1

Access Control

Who can interact with this workflow?
Who can trigger it:
Who can modify it:
Who reviews outputs:
Escalation contact:
Where documented:
Section 2

Data Boundaries

What does this workflow touch?
Source systems:
Destination systems:
Data types involved:
Fields in use:
Retention period:
Section 3

Output Limits

What is this workflow allowed to decide?
Volume ceiling:
High-risk decisions:
Threshold or trigger:
Output format / destination:
Cost ceiling:
Section 4

Monitoring & Escalation

Who is watching and when?
Monitoring owner:
Review cadence:
What triggers an alert:
Who receives alerts:
Where the procedure lives:
Section 5

Fail‑Safe & Override

How do you stop or roll back?
How to pause it:
Who can activate override:
Rollback procedure:
Downstream dependencies:
Section 6

Stakeholder Sign‑off

This workflow does not go live without all three.
Workflow Owner
Signature
Technical Lead
Signature
Executive Sponsor
Signature
Items confirmed
0 / 24

When to Update This Checklist

This document is live, not a one-time sign-off. Revisit it whenever any of the following change:

  • The workflow logic, prompts, or model version changes.
  • A new system is added as a data source or output destination.
  • A named owner, reviewer, or escalation contact leaves the role.
  • Volume, cost, or risk profile increases significantly.
  • A governance incident occurs that exposes a gap in this checklist.

Treat a quarterly review as a minimum, even if nothing appears to have changed. AI systems drift. Your guardrails need to keep pace.

Use With These Tools

Governance Framework

The framework this checklist comes from. Phase 2 of the implementation plan produces one Guardrail Checklist per workflow.

Intent Document

Complete the Intent Document before this checklist. It defines what the workflow is supposed to do — this checklist defines what it is allowed to do.

Audit Log

The monitoring schedules in Section 4 are only useful if you have an audit log to review. Set up logging before deployment.