MODEL RISK CHARTER — 1-PAGE TEMPLATE (Copy/Paste)

Purpose
Define how the company approves, operates, and audits AI/LLM usage in production and internal workflows. This is an operating document: it assigns decision rights.

1) Scope
- In scope: Any use of LLMs or generative models that touches company data, customer data, code, deployments, support workflows, or can trigger an external action.
- Out of scope (explicit): Non-sensitive personal experimentation with no company data and no customer impact.

2) Named Owner (Single Accountable Person)
- Model Risk Owner (D): ____________________
- Security Partner: _________________________
- Legal/Privacy Partner: ____________________
- Platform/Infra Partner: ___________________
Decision rule: If there’s a dispute, the Model Risk Owner decides and documents rationale.

3) Approved Access Paths (Default “Safe Path”)
List the only approved ways teams may access models:
- Path A (UI): _____________________________ (tenant settings, allowed users)
- Path B (API Gateway): ____________________ (logging, redaction, auth)
- Path C (Cloud-hosted): ____________________ (IAM integration, regions)
Exceptions require Section 8.

4) Data Classification Rules
Define what can go where:
- Prohibited: (e.g., secrets, credentials, private keys)
- Restricted: (e.g., customer PII, contracts) — allowed only via: _______
- Internal: (e.g., runbooks) — allowed via: _________________________
- Public: (e.g., docs, marketing site) — allowed via: ________________
Also define retention requirements for prompts/outputs: _______________

5) Tool/Agent Permission Tiers
- Tier 0: Read-only, no external actions
- Tier 1: Draft actions (creates drafts only; human must approve)
- Tier 2: Limited write with allowlist (specific tools, scoped permissions)
- Tier 3: Autonomous actions (rare; requires exec sign-off)
Map each AI feature to a tier and owner: _____________________________

6) Logging & Audit Evidence (Non-Negotiable)
Minimum evidence captured for production use:
- Trace ID, model/vendor, version/policy ID
- Redacted prompt + key context sources
- Tool calls (inputs/outputs), permissions used
- Final action taken and approval signal (if any)
Storage location: ____________________
Retention: ___________________

7) AI Incident Definition & Response
AI incidents include (check all that apply):
- Data exposure or cross-tenant leakage
- Unauthorized tool action or incorrect high-impact action
- Harmful/unsafe output shipped to users
- Vendor outage causing user-facing failure
Response basics:
- Incident commander role: __________________
- Customer comms owner: ____________________
- Postmortem required for Sev-1/Sev-2 within: ______ days

8) Exceptions Process (With Expiry)
To request an exception, provide:
- Business reason:
- Data involved:
- Planned controls:
- Expiry date (required):
Approvers: Model Risk Owner + Security + Legal (as needed)

9) Review Cadence
- Monthly: review exceptions and incidents
- Quarterly: vendor/policy review (terms, retention, training use, outages)
Next review date: ____________________________

Sign-off
Model Risk Owner: __________________ Date: __________
Security: __________________________ Date: __________
Legal/Privacy: _____________________ Date: __________