AI Incident Response Playbook
Step-by-step playbook for responding to AI system failures: detection, escalation, regulatory notification, affected-individual communication, and post-incident review.
About this resource
Every organisation using AI at scale will eventually have an AI incident. Most have no plan for when it happens. This playbook provides the workflow: how to detect AI incidents, how to triage them, who needs to be involved, what regulators must be notified, and how to conduct meaningful post-incident review.
What this resource covers
- AI incident classification matrix (performance, fairness, security, compliance)
- Severity scoring framework with escalation triggers
- Cross-functional response team structure and RACI
- EU AI Act serious incident notification template
- GDPR breach assessment overlay (where personal data is involved)
- Affected-individual communication templates
- Post-incident review template (technical + governance root cause)
- Incident log template for compliance evidence
Who it's for
- Risk and compliance teams establishing AI incident processes
- Legal counsel preparing incident response infrastructure
- Operations and engineering teams running AI systems in production
- CROs needing board-reportable incident frameworks
Read the detail on-site
The full analysis behind this resource is published in our insights, each linked to primary regulatory sources.
Put it to work
See where you stand
Take the free 7-question AI governance maturity assessment, it runs entirely in your browser and gives you a tailored view of your gaps in about three minutes.
Free assessment, 3 minutes Browse all insightsEverything here is free and on this site, no sign-up, no download required.