Submit this form for any AI-related change before implementation. Required for all new AI tool adoptions, agent pipeline deployments, automation changes, and model or prompt updates that affect production workflows.
Draft
No draft saved
01Change Classification
Standard
Pre-approved, low-risk, routine change following an established procedure. No novel risk.
Pre-approved · No CAB meeting required
Normal
Planned change with assessed risk. Requires full CAB review and approval before implementation.
5 business days lead time
Emergency
Urgent change required to restore service or address an active security incident. Expedited review.
Emergency CAB · 4hr review window
⚠
Emergency changes require verbal approval from the Operations Owner and Security Lead before implementation. Complete this form as soon as possible after the emergency action. Full post-implementation review required within 72 hours.
02Requester Information
Submitted By *
Department / Team *
Submission Date *
Requested Implementation Date *
Change Reference ID
Related Risk Register Item
CAB Distribution Email *
This address will be pre-filled when you use the Send to CAB button
03Change Description
Change Title *
AI Tool / Service / Model Involved *
Include version or model name if applicable
Change Type *
What is changing and why? *
What systems, workflows, or people are affected? *
Does this change touch client data or environments? *
Data types involved
⚠
Client data involvement requires a completed AI Vendor Assessment on file and a review of the AI Data Safety policy before CAB approval can be granted. Attach the vendor assessment in Section 06.
04Risk Assessment
💡
Select one cell that best represents this change. Likelihood = probability of something going wrong. Impact = severity if it does. The cell colour and label becomes the risk rating for this change request.
Low Impact
Medium Impact
High Impact
Low Likelihood
Low
Low
Medium
Medium Likelihood
Low
Medium
High
High Likelihood
Medium
High
Critical
Risk Justification *
Mitigations / Controls in Place
05Implementation & Rollback Plan
Implementation Steps *
Estimated Implementation Time
Maintenance Window Required?
Rollback Plan *
A change with no viable rollback plan requires Critical risk rating and mandatory Security Lead sign-off.
Success Criteria — How will you know it worked?
06Required Attachments
Check each item that has been attached or is confirmed not applicable. Required items must be resolved before CAB review.
☐ Completed AI Vendor Assessment
☐ Test Results / POC Evidence
☐ Architecture / Data Flow Diagram
☐ Security Review Sign-off
☐ Relevant Risk Register Entry
☐ Updated SOP / Runbook
☐ Client Notification Draft (if applicable)
07CAB Decision Block
Completed by the Change Advisory Board. Do not fill in this section as the submitter.