# AI Incident Response Template

## Trigger conditions

Use this process when:

- restricted data may have been exposed
- AI output caused or nearly caused harm
- an unapproved tool was used for work
- an automation or agent took an unintended action
- a policy bypass or logging gap is discovered

## Response steps

1. Contain the issue.
2. Preserve evidence and relevant records.
3. Notify the governance lead and required stakeholders.
4. Assess scope and impact.
5. Decide on remediation and communications.
6. Update policy, training, or workflow to prevent recurrence.

## Incident record fields

- date and time
- reporter
- tool involved
- users involved
- data involved
- description
- immediate containment actions
- impact estimate
- corrective actions