AI ACCOUNTABILITY BOUNDARY (ONE-PAGE TEMPLATE)

Purpose
Define where AI tools can be used, where they cannot, and what humans must own. This is not a policy statement; it’s an operating rule enforced in reviews, approvals, and incident response.

1) Scope (pick one system/surface)
System/surface: __________________________
Examples: authentication, billing, infra-as-code, customer data pipelines, mobile release process.

2) Non-negotiable outcomes (write 3–6)
- ______________________________________
- ______________________________________
- ______________________________________
Examples: “No unauthorized access,” “No double-charging,” “Data retention rules enforced,” “Rollback in <X> steps.” (Avoid numbers if you don’t have them.)

3) AI allowed use (be specific)
Allowed tools: ____________________________
Allowed tasks:
- Drafting unit tests
- Refactors without behavior change
- Summarizing logs/tickets for faster triage
- Generating documentation templates

4) AI restricted use (explicitly banned or gated)
Banned tasks (always human-only):
- ______________________________________
Gated tasks (allowed only with extra review/approval):
- ______________________________________
Examples: “Changing auth flows,” “Modifying payment routing,” “Editing IAM policies,” “Changing data access controls.”

5) Required checkpoints (what must happen before merge/deploy)
Design checkpoint required? Yes / No
Code review required by (role/team): __________________
Pre-merge gates required (select): tests / lint / secret scanning / SAST
Deploy approval required by: __________________________

6) Evidence standard (what counts as ‘true’)
Any decision must cite at least one:
- Logs/metrics/traces link
- Ticket/incident ID
- Vendor documentation URL
- Benchmark script or test results

7) Audit trail (minimum viable)
Where prompts/outputs are recorded (if at all): ______________________
Where final decision is recorded: PR description / ADR / ticket / incident doc
Required PR note when AI is used:
- Tool used:
- What output was accepted:
- What was rejected/changed and why:

8) Ownership
Single accountable owner (name/role): ______________________________
Backup owner: _____________________________________________________
Escalation path (who decides in ambiguity): _________________________

9) Enforcement trigger
This boundary is enforced at:
- PR review
- Deploy approval
- Incident review

Signature (optional but useful)
Owner: __________________________ Date: __________________________
CTO/Head of Eng: _________________ Date: __________________________