
AI Incident Response Plan Template

What to do when an automation sends the wrong message, a workflow breaks, or data is misrouted: a step-by-step response.


Your AI assistant just sent 47 clients the wrong invoice. Your document automation workflow routed confidential merger details to a public folder. Your chatbot told a prospect your firm doesn't handle the exact case type you specialize in.

These aren't hypothetical scenarios. They happen. And when they do, you have about 15 minutes to contain the damage before it becomes a crisis.

This template gives you the exact playbook to execute when AI systems fail. Copy it, customize the bracketed fields, and drill your team on it quarterly.

Pre-Incident Setup: Build Your Response Infrastructure

Map Your AI Failure Surfaces

List every AI system you run and its specific failure modes. Use this table format:

| AI System | Failure Mode | Worst-Case Impact | Detection Method |
|-----------|--------------|-------------------|------------------|
| [Email assistant] | Sends message to wrong recipient | Client confidentiality breach | Manual report, audit log review |
| [Document automation] | Populates wrong client data in template | Malpractice claim, regulatory violation | Client complaint, QA spot check |
| [Intake chatbot] | Provides incorrect legal advice | Unauthorized practice of law claim | Chat transcript review |
| [Billing workflow] | Miscalculates hours or rates | Revenue loss, client dispute | Finance team reconciliation |

Fill this out for every AI tool you use. If you can't identify the failure mode, you're not ready to use that tool in production.

Assign Response Roles With Phone Numbers

Create a contact card with these five roles. Print it and tape it inside every manager's desk drawer.

Incident Commander: [Name, mobile, backup mobile]

  • Authority to shut down any AI system immediately
  • Final decision on client notifications
  • Reports to managing partner within 30 minutes of incident confirmation

Technical Lead: [Name, mobile, vendor contact info]

  • Access to all AI system admin panels and API keys
  • Maintains vendor escalation contacts
  • Can roll back deployments without approval during active incident

Communications Lead: [Name, mobile]

  • Pre-approved to send holding statements to clients
  • Owns internal Slack/Teams incident channel
  • Coordinates with outside counsel if breach involves PII

Business Continuity Lead: [Name, mobile]

  • Maintains manual process documentation for every AI workflow
  • Can reassign staff to manual operations within 1 hour
  • Tracks financial impact of downtime

Compliance Lead: [Name, mobile, state bar contact, insurance broker]

  • Knows reporting deadlines for your jurisdiction (usually 72 hours for data breaches)
  • Maintains incident log for malpractice insurance
  • Advises on regulatory notification requirements

Test this call tree every quarter. If anyone takes longer than 10 minutes to respond, replace them.

The Six-Phase Response Protocol

Phase 1: Detect and Confirm (Target: 5 minutes)

Detection triggers:

  • Client complaint about incorrect information
  • Staff member notices AI output doesn't match source data
  • Monitoring alert from AI system dashboard
  • Unusual spike in error logs or failed workflow runs

Confirmation checklist:

  1. Can you reproduce the error? Try the same input twice.
  2. Is it isolated to one user/client or system-wide? Check 3 recent outputs.
  3. Did the AI system produce the error, or is it a data source problem? Trace the input.

Decision point: If you confirm the AI system is producing incorrect outputs, sending data to wrong destinations, or blocking critical workflows, declare an incident and notify the Incident Commander immediately.

Do not wait to understand the full scope. Declare first, investigate second.

Phase 2: Contain the Damage (Target: 15 minutes)

Immediate containment actions:

For wrong message/output incidents:

  1. Disable the AI system's ability to send new outputs (turn off API access, pause workflow, disable chatbot)
  2. Pull a list of all outputs generated in the last [24 hours / since last known good output]
  3. Identify which outputs went to external parties (clients, prospects, opposing counsel)
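As an added example (not part of the original template), here is how steps 2 and 3 could be scripted against an output audit log: it takes everything after the last human-verified output and flags which of those went outside the firm. The log records, the `verified_ok` status value, and the firm domain `examplefirm.com` are constructed assumptions.

```python
from datetime import datetime

# Domains the firm controls; anything else counts as an external party (constructed).
FIRM_DOMAINS = {"examplefirm.com"}

# Constructed audit-log records from an AI email assistant, one per generated output.
# "verified_ok" marks outputs a human has already confirmed were correct.
AUDIT_LOG = [
    {"id": "out-1000", "sent_at": "2024-05-14T08:50:00Z", "to": "billing@examplefirm.com", "status": "unverified"},
    {"id": "out-1001", "sent_at": "2024-05-14T09:02:00Z", "to": "partner@examplefirm.com", "status": "verified_ok"},
    {"id": "out-1002", "sent_at": "2024-05-14T10:15:00Z", "to": "client-a@clienta.example", "status": "verified_ok"},
    {"id": "out-1003", "sent_at": "2024-05-14T11:40:00Z", "to": "associate@examplefirm.com", "status": "unverified"},
    {"id": "out-1005", "sent_at": "2024-05-14T13:30:00Z", "to": "counsel@opposing.example", "status": "unverified"},
    {"id": "out-1004", "sent_at": "2024-05-14T12:05:00Z", "to": "client-b@clientb.example", "status": "unverified"},
]

def parse_ts(value):
    """Parse the log's ISO-8601 UTC timestamps into timezone-aware datetimes."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def last_known_good(log):
    """Timestamp of the most recent human-verified output, or None if there is none."""
    good = [parse_ts(r["sent_at"]) for r in log if r["status"] == "verified_ok"]
    return max(good) if good else None

def is_external(address, firm_domains=FIRM_DOMAINS):
    """True when the recipient's domain is not one the firm controls."""
    domain = address.rsplit("@", 1)[-1].lower()
    return domain not in firm_domains

def affected_outputs(log, firm_domains=FIRM_DOMAINS):
    """Every output after the last verified-good one, oldest first, flagged external or
    internal. With no verified output at all, assume the worst: everything is affected."""
    cutoff = last_known_good(log)
    rows = []
    for r in log:
        if cutoff is None or parse_ts(r["sent_at"]) > cutoff:
            rows.append({**r, "external": is_external(r["to"], firm_domains)})
    rows.sort(key=lambda r: parse_ts(r["sent_at"]))
    return rows

if __name__ == "__main__":
    for r in affected_outputs(AUDIT_LOG):
        print(r["sent_at"], r["id"], r["to"], "EXTERNAL" if r["external"] else "internal")
```

The external rows are the ones that feed the Phase 3 impact assessment; the internal rows still need review but do not trigger client notification on their own.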

For data misrouting incidents:

  1. Revoke access to the destination where data was incorrectly sent
  2. If data went to cloud storage, delete it and check version history
  3. If data went via email, send recall request (Outlook) and follow up with phone call
  4. Screenshot the access logs showing who viewed the misrouted data

For workflow breakdown incidents:

  1. Switch to manual process immediately (Business Continuity Lead activates backup procedures)
  2. Notify all users that the AI system is offline
  3. Create a tracking spreadsheet for work that needs to be processed manually

Containment confirmation: Before moving to Phase 3, verify:

  • The AI system cannot produce new incorrect outputs
  • You have a complete list of affected outputs/data
  • Manual processes are active and staff know what to do

Phase 3: Assess Client Impact (Target: 30 minutes)

Pull the list of affected outputs from Phase 2. For each one, assign a severity using this matrix:

Impact severity matrix:

Critical (notify within 1 hour):

  • Confidential client data sent to wrong recipient
  • Incorrect legal advice that could cause client harm
  • Billing error over $5,000 or 20% of invoice value
  • Missed court deadline or filing requirement

High (notify within 4 hours):

  • Incorrect information that could cause client confusion or minor harm
  • Data sent to correct client but wrong matter
  • Billing error under $5,000
  • Workflow delay that impacts client timeline

Medium (notify within 24 hours):

  • Internal process error with no client-facing impact
  • Cosmetic errors in client communications (typos, formatting)
  • Workflow delay with no client impact

Low (document only):

  • Error caught before any output was delivered
  • Internal-only system with no client data

For every Critical and High impact incident, the Communications Lead drafts client notifications using the templates in Phase 5.
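An added example, not from the original template, that encodes the matrix above as a triage function and computes each notification deadline from the time the incident was declared. The record fields (`delivered`, `client_data`, `billing_error_usd`, and so on) and the sample outputs are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Notification deadline per tier, taken from the matrix above (None = document only).
NOTIFY_WITHIN = {
    "Critical": timedelta(hours=1),
    "High": timedelta(hours=4),
    "Medium": timedelta(hours=24),
    "Low": None,
}

def severity(o):
    """Map one affected output (constructed schema: boolean flags plus USD amounts)
    to a tier, checking the most severe conditions first."""
    if not o.get("delivered") or not o.get("client_data"):
        return "Low"                  # caught before delivery, or no client data involved
    billing = o.get("billing_error_usd", 0.0)
    invoice = o.get("invoice_total_usd", 0.0)
    # "Over $5,000 or 20% of invoice value"; exactly $5,000 is treated as Critical
    # because the plan says to assume the worst.
    big_billing = billing >= 5000 or (invoice > 0 and billing / invoice >= 0.20)
    if (o.get("wrong_recipient") or o.get("incorrect_legal_advice")
            or big_billing or o.get("missed_deadline")):
        return "Critical"
    if (o.get("wrong_matter") or billing > 0 or o.get("incorrect_info")
            or o.get("client_timeline_delay")):
        return "High"
    return "Medium"                   # cosmetic or internal-only process errors

def triage(outputs, declared_at):
    """Return (output id, tier, notification deadline) rows, most urgent first."""
    rows = []
    for o in outputs:
        window = NOTIFY_WITHIN[severity(o)]
        rows.append((o["id"], severity(o), declared_at + window if window else None))
    rows.sort(key=lambda r: (r[2] is None, r[2] or declared_at))
    return rows

# Constructed sample of affected outputs as pulled in Phase 2, and the time the
# incident was declared.
SAMPLE = [
    {"id": "out-1004", "delivered": True, "client_data": True, "wrong_recipient": True},
    {"id": "inv-221", "delivered": True, "client_data": True,
     "billing_error_usd": 1200.0, "invoice_total_usd": 30000.0},
    {"id": "inv-222", "delivered": True, "client_data": True,
     "billing_error_usd": 1500.0, "invoice_total_usd": 6000.0},
    {"id": "ltr-17", "delivered": True, "client_data": True, "cosmetic": True},
    {"id": "draft-9", "delivered": False, "client_data": True, "incorrect_info": True},
]
DECLARED_AT = datetime(2024, 5, 14, 14, 0, tzinfo=timezone.utc)
```

Running `triage(SAMPLE, DECLARED_AT)` puts the two Critical rows first with a 15:00 UTC deadline; note that inv-222 is Critical on the 20% rule even though the dollar amount is small.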

Phase 4: Root Cause Analysis (Target: 2 hours)

The Technical Lead investigates while containment holds. Use this diagnostic sequence:

Step 1: Check the AI system's recent changes

  • Was there a model update, new training data, or configuration change in the last 7 days?
  • Review deployment logs and change management tickets

Step 2: Examine the input data

  • Pull the exact input that triggered the error
  • Compare it to inputs that produced correct outputs
  • Check for data quality issues (missing fields, unexpected formats, special characters)

Step 3: Review the AI system's decision logic

  • If using a custom model, check confidence scores on the incorrect output
  • If using a third-party API (OpenAI, Anthropic), check for API errors or rate limiting
  • Review any business rules or filters applied after the AI output

Step 4: Test the fix hypothesis

  • Create a test environment with the same configuration
  • Reproduce the error with the original input
  • Apply your proposed fix and verify it resolves the issue
  • Test with 10 additional inputs to confirm no new errors

Document your findings:

  • Root cause: [Specific technical reason for failure]
  • Contributing factors: [Data quality issues, configuration errors, vendor problems]
  • Fix implemented: [Exact changes made]
  • Validation results: [Test outcomes confirming fix works]

Phase 5: Client Communication

Use these templates. Customize the bracketed sections.

Template 1: Critical Incident (Confidentiality Breach)

Subject: Urgent: Data Security Incident Notification

[Client Name],

I'm contacting you immediately about a data security incident that occurred on [date] at [time].

What happened: Our AI-powered [system name] incorrectly routed [description of data] to [wrong destination]. We discovered this at [time] and took immediate action to [containment steps].

What data was affected: [Specific description - be precise]

Who may have accessed it: [Specific individuals or "unauthorized party"]

What we've done:

  • [Specific containment action 1]
  • [Specific containment action 2]
  • Disabled the AI system to prevent further incidents

What you should do: [Specific client actions, if any]

What we're doing next: [Remediation plan and timeline]

I'm available at [phone] right now to discuss this. I'll call you within the next 15 minutes.

[Your name] [Title]

Template 2: High Impact (Incorrect Output)

Subject: Correction Required: [Document/Communication Type]

[Client Name],

I need to correct information we provided on [date] regarding [matter].

Our AI-assisted [system name] generated an error that resulted in [specific incorrect information]. The correct information is [specific correct information].

This error [does/does not] affect [specific client decision or action].

We've taken the following steps:

  • Disabled the AI system that caused the error
  • Reviewed all recent work product for similar errors
  • Implemented [specific fix]

If you've taken any action based on the incorrect information, please contact me immediately at [phone].

[Your name] [Title]

Template 3: Medium Impact (Internal Process Error)

Subject: Process Update: [Matter Name]

[Client Name],

I'm writing to inform you of a process delay in [workflow name]. Our AI-powered system experienced a technical issue on [date], which has delayed [specific deliverable] by [timeframe].

We've switched to manual processing and expect to deliver [deliverable] by [new date]. This does not affect [reassurance about what's not impacted].

No action is required on your part. I'll update you on [date] with confirmation of completion.

[Your name] [Title]

Phase 6: Post-Incident Review (Within 72 hours)

Schedule a 90-minute meeting with the full response team. Use this agenda:

Incident timeline review (15 minutes)

  • Walk through the timeline from detection to resolution
  • Identify any gaps or delays in the response

Response effectiveness (30 minutes)

  • What worked well?
  • What slowed us down?
  • Did we have the right people and tools?
  • Were our containment procedures effective?

Root cause validation (20 minutes)

  • Do we agree on the technical root cause?
  • Were there organizational or process factors that contributed?
  • Could we have detected this earlier?

Prevention measures (25 minutes)

  • What changes to the AI system will prevent recurrence?
  • What monitoring or testing gaps need to be filled?
  • Do we need to change how we use this AI tool?

Action items:

  1. [Specific technical fix with owner and deadline]
  2. [Process change with owner and deadline]
  3. [Training or documentation update with owner and deadline]
  4. [Monitoring enhancement with owner and deadline]

Document retention: Save all incident documentation for 7 years minimum. Your malpractice insurance will require it.

Quarterly Drill Protocol

Run a tabletop exercise every quarter. Use this scenario template:

Scenario: At 2:47 PM on a Tuesday, your intake chatbot tells a prospect that your firm doesn't handle [case type you actually specialize in]. The prospect posts a screenshot on LinkedIn tagging your firm. A reporter from [local legal publication] emails your marketing director asking for comment.

Drill objectives:

  • Response team assembles within 10 minutes
  • Incident Commander makes containment decision within 15 minutes
  • Communications Lead drafts holding statement within 30 minutes
  • Technical Lead identifies root cause within 2 hours

Pass/fail criteria: If any objective is missed, the drill fails. Schedule a remediation drill within 2 weeks.

Critical Success Factors

Speed beats perfection. Contain first, understand later. A 15-minute response with 80% information is better than a 2-hour response with complete information.

Assume the worst. If you're not sure whether data was accessed, assume it was. If you're not sure how many outputs were affected, assume all outputs since the last verified good output.

Communicate early. Clients forgive mistakes. They don't forgive cover-ups or delays. If you're going to notify a client, do it within the first hour.

Test your tools. If you can't disable an AI system in under 60 seconds, you don't control it. If you can't pull an audit log of all outputs, you can't use it for client work.

This template assumes you're running AI systems that touch client data or client-facing communications. If you're just using AI for internal research or drafting, your risk profile is lower but the response framework still applies.

Print this. Drill it. Update it after every incident. The plan you practice is the plan you'll execute when your AI system fails at the worst possible moment.

Reviewed by Revenue Institute

This guide is actively maintained and reviewed by the implementation experts at Revenue Institute. As the creators of The AI Workforce Playbook, we test and deploy these exact frameworks for professional services firms scaling without new headcount.